[CLSA-2025:1741291038] expat: Fix of CVE-2024-28757
Type:
security
Severity:
Important
Release date:
2025-03-06 19:57:23 UTC
Description:
- CVE-2024-28757: Prevent billion laughs attacks in isolated external parser (part of #839) Reject direct parameter entity recursion (part of #839)
Updated packages:
  • expat-2.5.0-1.el9.tuxcare.els4.i686.rpm
    sha:9c67d24285fd20ee2872d0ea4974bd9b0fd475bd1457529296667be58c911e0c
  • expat-2.5.0-1.el9.tuxcare.els4.x86_64.rpm
    sha:35976f7cf47b142e4dc9d41bb1b226a46973781a16a75da4982c327c857bce5e
  • expat-devel-2.5.0-1.el9.tuxcare.els4.i686.rpm
    sha:50f2a8dbba7d8113ebdfacc203f766108b3e98308f4a49cb83d9353ee2025749
  • expat-devel-2.5.0-1.el9.tuxcare.els4.x86_64.rpm
    sha:d4b5b6c38115233af7e209364fc15136b507717d540d293fb8374a369ab3823d
  • expat-static-2.5.0-1.el9.tuxcare.els4.x86_64.rpm
    sha:2215212e2af9d46094541e4d78562c8d7f7adaae523e9054f40c7781cd7f09e8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.