Описание
Security update for expat
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input (bsc#1249584).
Список пакетов
Container bci/bci-init:15.6
libexpat1-2.7.1-150400.3.31.1
Container bci/spack:0.23
libexpat1-2.7.1-150400.3.31.1
Container private-registry/harbor-nginx:latest
libexpat1-2.7.1-150400.3.31.1
Container private-registry/harbor-portal:latest
libexpat1-2.7.1-150400.3.31.1
Container private-registry/harbor-trivy-adapter:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/manager/4.3/proxy-httpd:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/manager/4.3/proxy-salt-broker:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/manager/4.3/proxy-ssh:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/manager/4.3/proxy-tftpd:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/sle-micro-rancher/5.3:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/sle-micro-rancher/5.4:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/sle-micro/5.3/toolbox:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/sle-micro/5.4/toolbox:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/sle-micro/5.5/toolbox:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/sle-micro/5.5:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/sle-micro/base-5.5:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/sle-micro/kvm-5.5:latest
libexpat1-2.7.1-150400.3.31.1
Container suse/sle-micro/rt-5.5:latest
libexpat1-2.7.1-150400.3.31.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Linux Enterprise Micro 5.3
libexpat1-2.7.1-150400.3.31.1
SUSE Linux Enterprise Micro 5.4
libexpat1-2.7.1-150400.3.31.1
SUSE Linux Enterprise Micro 5.5
libexpat1-2.7.1-150400.3.31.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Linux Enterprise Server 15 SP4-LTSS
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Linux Enterprise Server 15 SP5-LTSS
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Linux Enterprise Server for SAP Applications 15 SP5
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Manager Proxy LTS 4.3
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
SUSE Manager Server LTS 4.3
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
openSUSE Leap 15.6
expat-2.7.1-150400.3.31.1
libexpat-devel-2.7.1-150400.3.31.1
libexpat-devel-32bit-2.7.1-150400.3.31.1
libexpat1-2.7.1-150400.3.31.1
libexpat1-32bit-2.7.1-150400.3.31.1
Ссылки
- Link for SUSE-SU-2025:03624-1
- E-Mail link for SUSE-SU-2025:03624-1
- SUSE Security Ratings
- SUSE Bug 1249584
- SUSE CVE CVE-2025-59375 page
Описание
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
Затронутые продукты
Container bci/bci-init:15.6:libexpat1-2.7.1-150400.3.31.1
Container bci/spack:0.23:libexpat1-2.7.1-150400.3.31.1
Container private-registry/harbor-nginx:latest:libexpat1-2.7.1-150400.3.31.1
Container private-registry/harbor-portal:latest:libexpat1-2.7.1-150400.3.31.1
Ссылки
- CVE-2025-59375
- SUSE Bug 1249584