Описание
Security update for expat
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input (bsc#1249584).
Список пакетов
Container suse/sle-micro-rancher/5.2:latest
libexpat1-2.7.1-150000.3.39.1
SUSE Enterprise Storage 7.1
expat-2.7.1-150000.3.39.1
libexpat-devel-2.7.1-150000.3.39.1
libexpat1-2.7.1-150000.3.39.1
libexpat1-32bit-2.7.1-150000.3.39.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
expat-2.7.1-150000.3.39.1
libexpat-devel-2.7.1-150000.3.39.1
libexpat1-2.7.1-150000.3.39.1
libexpat1-32bit-2.7.1-150000.3.39.1
SUSE Linux Enterprise Micro 5.1
libexpat1-2.7.1-150000.3.39.1
SUSE Linux Enterprise Micro 5.2
libexpat1-2.7.1-150000.3.39.1
SUSE Linux Enterprise Server 15 SP3-LTSS
expat-2.7.1-150000.3.39.1
libexpat-devel-2.7.1-150000.3.39.1
libexpat1-2.7.1-150000.3.39.1
libexpat1-32bit-2.7.1-150000.3.39.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
expat-2.7.1-150000.3.39.1
libexpat-devel-2.7.1-150000.3.39.1
libexpat1-2.7.1-150000.3.39.1
libexpat1-32bit-2.7.1-150000.3.39.1
Ссылки
- Link for SUSE-SU-2025:03537-1
- E-Mail link for SUSE-SU-2025:03537-1
- SUSE Security Ratings
- SUSE Bug 1249584
- SUSE CVE CVE-2025-59375 page
Описание
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:libexpat1-2.7.1-150000.3.39.1
SUSE Enterprise Storage 7.1:expat-2.7.1-150000.3.39.1
SUSE Enterprise Storage 7.1:libexpat-devel-2.7.1-150000.3.39.1
SUSE Enterprise Storage 7.1:libexpat1-2.7.1-150000.3.39.1
Ссылки
- CVE-2025-59375
- SUSE Bug 1249584