Описание
Security update for expat
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input (bsc#1249584).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP7
expat-2.7.1-150700.3.6.1
libexpat-devel-2.7.1-150700.3.6.1
libexpat1-2.7.1-150700.3.6.1
libexpat1-32bit-2.7.1-150700.3.6.1
Ссылки
- Link for SUSE-SU-2025:03508-1
- E-Mail link for SUSE-SU-2025:03508-1
- SUSE Security Ratings
- SUSE Bug 1249584
- SUSE CVE CVE-2025-59375 page
Описание
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-32bit-2.7.1-150700.3.6.1
Ссылки
- CVE-2025-59375
- SUSE Bug 1249584