Описание
Security update for expat
This update for expat fixes the following issues:
- CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025).
- CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026).
- CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168).
- CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169).
- CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).
Список пакетов
Container bci/bci-init:15.3
libexpat1-2.2.5-3.15.1
Container bci/golang:1.16
libexpat1-2.2.5-3.15.1
Container bci/golang:1.17
libexpat1-2.2.5-3.15.1
Container bci/golang:latest
libexpat1-2.2.5-3.15.1
Container bci/node:12
libexpat1-2.2.5-3.15.1
Container bci/node:14
libexpat1-2.2.5-3.15.1
Container bci/nodejs:latest
libexpat1-2.2.5-3.15.1
Container bci/openjdk-devel:11
libexpat1-2.2.5-3.15.1
Container bci/openjdk:latest
libexpat1-2.2.5-3.15.1
Container bci/python:3
libexpat1-2.2.5-3.15.1
Container bci/ruby:latest
libexpat1-2.2.5-3.15.1
Container caasp/v4/cilium:1.6.6
libexpat1-2.2.5-3.15.1
Container ses/6/cephcsi/cephcsi:latest
libexpat1-2.2.5-3.15.1
Container ses/6/rook/ceph:latest
libexpat1-2.2.5-3.15.1
Container ses/7.1/ceph/haproxy:latest
libexpat1-2.2.5-3.15.1
Container ses/7.1/ceph/keepalived:latest
libexpat1-2.2.5-3.15.1
Container ses/7.1/cephcsi/cephcsi:latest
libexpat1-2.2.5-3.15.1
Container ses/7.1/rook/ceph:latest
libexpat1-2.2.5-3.15.1
Container ses/7/cephcsi/cephcsi:latest
libexpat1-2.2.5-3.15.1
Container ses/7/prometheus-webhook-snmp:latest
libexpat1-2.2.5-3.15.1
Container ses/7/rook/ceph:latest
libexpat1-2.2.5-3.15.1
Container suse/pcp:latest
libexpat1-2.2.5-3.15.1
Container suse/rmt-mariadb:latest
libexpat1-2.2.5-3.15.1
Container suse/rmt-nginx:latest
libexpat1-2.2.5-3.15.1
Container suse/sle-micro-rancher/5.2:latest
libexpat1-2.2.5-3.15.1
Container suse/sle-micro/5.1/toolbox:latest
libexpat1-2.2.5-3.15.1
Container suse/sle-micro/5.2/toolbox:latest
libexpat1-2.2.5-3.15.1
Container trento/trento-db:latest
libexpat1-2.2.5-3.15.1
Container trento/trento-runner:latest
libexpat1-2.2.5-3.15.1
Image SLES15-Azure-BYOS
libexpat1-2.2.5-3.15.1
Image SLES15-SAP-Azure-BYOS
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SAP-Azure-LI-BYOS-Production
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SAP-Azure-VLI-BYOS-Production
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-Azure-BYOS
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-Azure-HPC-BYOS
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-CHOST-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-CHOST-BYOS-EC2
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-CHOST-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-SAP-Azure-BYOS
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-SAP-EC2-HVM
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-SAPCAL-Azure
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-SAPCAL-EC2-HVM
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP1-SAPCAL-GCE
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-CHOST-BYOS-Aliyun
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-CHOST-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-CHOST-BYOS-EC2
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-CHOST-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-HPC-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-HPC-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-SAP-Azure
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-SAP-BYOS-Azure
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-SAP-BYOS-GCE
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-SAP-EC2-HVM
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP2-SAP-GCE
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-CHOST-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-CHOST-BYOS-EC2
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-CHOST-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-EC2-ECS-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-EC2-HVM
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-HPC-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-HPC-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-HPC-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAP-Azure
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAP-BYOS-Azure
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAP-BYOS-GCE
expat-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAP-EC2-HVM
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAP-GCE
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAPCAL-Azure
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAPCAL-EC2-HVM
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
Image SLES15-SP3-SAPCAL-GCE
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
SUSE Enterprise Storage 6
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Enterprise Storage 7
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Micro 5.0
libexpat1-2.2.5-3.15.1
SUSE Linux Enterprise Micro 5.1
libexpat1-2.2.5-3.15.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Real Time 15 SP2
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Server 15 SP1-BCL
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Server 15 SP1-LTSS
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Server 15 SP2-BCL
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Server 15 SP2-LTSS
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Server 15-LTSS
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Server for SAP Applications 15
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Manager Proxy 4.1
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Manager Retail Branch Server 4.1
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
SUSE Manager Server 4.1
expat-2.2.5-3.15.1
libexpat-devel-2.2.5-3.15.1
libexpat1-2.2.5-3.15.1
libexpat1-32bit-2.2.5-3.15.1
Ссылки
- Link for SUSE-SU-2022:0713-1
- E-Mail link for SUSE-SU-2022:0713-1
- SUSE Security Ratings
- SUSE Bug 1196025
- SUSE Bug 1196026
- SUSE Bug 1196168
- SUSE Bug 1196169
- SUSE Bug 1196171
- SUSE CVE CVE-2022-25235 page
- SUSE CVE CVE-2022-25236 page
- SUSE CVE CVE-2022-25313 page
- SUSE CVE CVE-2022-25314 page
- SUSE CVE CVE-2022-25315 page
Описание
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
Затронутые продукты
Container bci/bci-init:15.3:libexpat1-2.2.5-3.15.1
Container bci/golang:1.16:libexpat1-2.2.5-3.15.1
Container bci/golang:1.17:libexpat1-2.2.5-3.15.1
Container bci/golang:latest:libexpat1-2.2.5-3.15.1
Ссылки
- CVE-2022-25235
- SUSE Bug 1196026
- SUSE Bug 1197217
- SUSE Bug 1198587
- SUSE Bug 1200038
- SUSE Bug 1200198
- SUSE Bug 1201735
Описание
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
Затронутые продукты
Container bci/bci-init:15.3:libexpat1-2.2.5-3.15.1
Container bci/golang:1.16:libexpat1-2.2.5-3.15.1
Container bci/golang:1.17:libexpat1-2.2.5-3.15.1
Container bci/golang:latest:libexpat1-2.2.5-3.15.1
Ссылки
- CVE-2022-25236
- SUSE Bug 1196025
- SUSE Bug 1196784
- SUSE Bug 1197217
- SUSE Bug 1200038
- SUSE Bug 1201735
Описание
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
Затронутые продукты
Container bci/bci-init:15.3:libexpat1-2.2.5-3.15.1
Container bci/golang:1.16:libexpat1-2.2.5-3.15.1
Container bci/golang:1.17:libexpat1-2.2.5-3.15.1
Container bci/golang:latest:libexpat1-2.2.5-3.15.1
Ссылки
- CVE-2022-25313
- SUSE Bug 1196168
Описание
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
Затронутые продукты
Container bci/bci-init:15.3:libexpat1-2.2.5-3.15.1
Container bci/golang:1.16:libexpat1-2.2.5-3.15.1
Container bci/golang:1.17:libexpat1-2.2.5-3.15.1
Container bci/golang:latest:libexpat1-2.2.5-3.15.1
Ссылки
- CVE-2022-25314
- SUSE Bug 1196169
- SUSE Bug 1197217
- SUSE Bug 1198587
- SUSE Bug 1199096
- SUSE Bug 1200038
- SUSE Bug 1200198
Описание
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
Затронутые продукты
Container bci/bci-init:15.3:libexpat1-2.2.5-3.15.1
Container bci/golang:1.16:libexpat1-2.2.5-3.15.1
Container bci/golang:1.17:libexpat1-2.2.5-3.15.1
Container bci/golang:latest:libexpat1-2.2.5-3.15.1
Ссылки
- CVE-2022-25315
- SUSE Bug 1196171
- SUSE Bug 1197217
- SUSE Bug 1198587
- SUSE Bug 1200038
- SUSE Bug 1200198
- SUSE Bug 1201735