ELSA-2023-0103

ULN >
Oracle Linux Errata repository >
ELSA-2023-0103

ELSA-2023-0103 - expat security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2023-01-12

Description

[2.2.5-10.0.1]
- lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314]

[2.2.5-10.1]
- CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
- Resolves: CVE-2022-43680

Related CVEs

CVE-2022-43680

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	expat-2.2.5-10.0.1.el8_7.1.src.rpm	a78cf4421c5747f8f9dfb1cc3bb93ee64e0a9b785ae6bcef396d243a3ac67c67	-	ol8_aarch64_baseos_latest
	expat-2.2.5-10.0.1.el8_7.1.src.rpm	a78cf4421c5747f8f9dfb1cc3bb93ee64e0a9b785ae6bcef396d243a3ac67c67	-	ol8_aarch64_u7_baseos_patch
	expat-2.2.5-10.0.1.el8_7.1.aarch64.rpm	bf641cc986480a080d9360a9ab4c9042ac9da9a53ddb01041f22b0d7af28123f	-	ol8_aarch64_baseos_latest
	expat-2.2.5-10.0.1.el8_7.1.aarch64.rpm	bf641cc986480a080d9360a9ab4c9042ac9da9a53ddb01041f22b0d7af28123f	-	ol8_aarch64_u7_baseos_patch
	expat-devel-2.2.5-10.0.1.el8_7.1.aarch64.rpm	2112dab2c414300804f84366dabdc7097aaa1c450052c48e87d0fa51f01f4c03	-	ol8_aarch64_baseos_latest
	expat-devel-2.2.5-10.0.1.el8_7.1.aarch64.rpm	2112dab2c414300804f84366dabdc7097aaa1c450052c48e87d0fa51f01f4c03	-	ol8_aarch64_u7_baseos_patch

Oracle Linux 8 (x86_64)	expat-2.2.5-10.0.1.el8_7.1.src.rpm	a78cf4421c5747f8f9dfb1cc3bb93ee64e0a9b785ae6bcef396d243a3ac67c67	-	ol8_x86_64_baseos_latest
	expat-2.2.5-10.0.1.el8_7.1.src.rpm	a78cf4421c5747f8f9dfb1cc3bb93ee64e0a9b785ae6bcef396d243a3ac67c67	-	ol8_x86_64_u7_baseos_patch
	expat-2.2.5-10.0.1.el8_7.1.i686.rpm	209c29a01321bd964058f19adafcda71a4531a8d0fb810261f611ad0e562228e	-	ol8_x86_64_baseos_latest
	expat-2.2.5-10.0.1.el8_7.1.i686.rpm	209c29a01321bd964058f19adafcda71a4531a8d0fb810261f611ad0e562228e	-	ol8_x86_64_u7_baseos_patch
	expat-2.2.5-10.0.1.el8_7.1.x86_64.rpm	b02878dff6f6de9209593e3d2b8f24e5cdf03285c9166180173085f6e8acac43	-	exadata_dbserver_23.1.0.0.0_x86_64_base
	expat-2.2.5-10.0.1.el8_7.1.x86_64.rpm	b02878dff6f6de9209593e3d2b8f24e5cdf03285c9166180173085f6e8acac43	-	exadata_dbserver_23.1.1.0.0_x86_64_base
	expat-2.2.5-10.0.1.el8_7.1.x86_64.rpm	b02878dff6f6de9209593e3d2b8f24e5cdf03285c9166180173085f6e8acac43	-	exadata_dbserver_23.1.2.0.0_x86_64_base
	expat-2.2.5-10.0.1.el8_7.1.x86_64.rpm	b02878dff6f6de9209593e3d2b8f24e5cdf03285c9166180173085f6e8acac43	-	ol8_x86_64_baseos_latest
	expat-2.2.5-10.0.1.el8_7.1.x86_64.rpm	b02878dff6f6de9209593e3d2b8f24e5cdf03285c9166180173085f6e8acac43	-	ol8_x86_64_u7_baseos_patch
	expat-devel-2.2.5-10.0.1.el8_7.1.i686.rpm	ccf79f97bc7ed7cc9dbb02f5e2f8b0c5fc9d2b6fcf5166797c1c153c82cf77f0	-	ol8_x86_64_baseos_latest
	expat-devel-2.2.5-10.0.1.el8_7.1.i686.rpm	ccf79f97bc7ed7cc9dbb02f5e2f8b0c5fc9d2b6fcf5166797c1c153c82cf77f0	-	ol8_x86_64_u7_baseos_patch
	expat-devel-2.2.5-10.0.1.el8_7.1.x86_64.rpm	3624f7a24e7a63fdcdb3874784d777c3f8e8e246e9f5cda859a3634e94486ccb	-	ol8_x86_64_baseos_latest
	expat-devel-2.2.5-10.0.1.el8_7.1.x86_64.rpm	3624f7a24e7a63fdcdb3874784d777c3f8e8e246e9f5cda859a3634e94486ccb	-	ol8_x86_64_u7_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691