RHSA-2024:11200: Moderate: expat security update
First published: Tue Dec 17 2024(Updated: )
Expat is a C library for parsing XML documents.<br>Security Fix(es):<br><li> libexpat: expat: DoS via XML_ResumeParser (CVE-2024-50602)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/expat | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat-debuginfo | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat-debuginfo | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat-debugsource | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat-debugsource | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat-devel | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat-devel | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat-debuginfo | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat-debugsource | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat-devel | <2.5.0-2.el9_4.2 | 2.5.0-2.el9_4.2 |
| redhat/expat | <2.5.0-2.el9_4.2.aa | 2.5.0-2.el9_4.2.aa |
| redhat/expat-debuginfo | <2.5.0-2.el9_4.2.aa | 2.5.0-2.el9_4.2.aa |
| redhat/expat-debugsource | <2.5.0-2.el9_4.2.aa | 2.5.0-2.el9_4.2.aa |
| redhat/expat-devel | <2.5.0-2.el9_4.2.aa | 2.5.0-2.el9_4.2.aa |
| Red Hat Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions | ||
| Red Hat Enterprise Linux for IBM z Systems | ||
| Red Hat Enterprise Linux for SAP Solutions | ||
| Red Hat Red Hat Enterprise Linux for Power, little endian - Extended Update Support | ||
| Red Hat Enterprise Linux Server | ||
| Red Hat Red Hat Enterprise Linux for ARM 64 - 4 years of updates | ||
| Red Hat Enterprise Linux for IBM z Systems | ||
| Red Hat Red Hat Enterprise Linux for x86_64 - Extended Update Support | ||
| Red Hat Enterprise Linux for ARM64 EUS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of RHSA-2024:11200?
The severity of RHSA-2024:11200 is classified as moderate due to a potential denial of service vulnerability.
How do I fix RHSA-2024:11200?
To fix RHSA-2024:11200, update the expat package to version 2.5.0-2.el9_4.2 or later.
Which systems are affected by RHSA-2024:11200?
RHSA-2024:11200 affects several versions of Red Hat Enterprise Linux, including those for Power LE, IBM z Systems, and x86_64.
What vulnerability is addressed in RHSA-2024:11200?
RHSA-2024:11200 addresses a denial of service vulnerability in the libexpat library through CVE-2024-50602.
Is a system restart required after applying the RHSA-2024:11200 update?
A system restart is not required for the update associated with RHSA-2024:11200 to take effect.
- agent/severity
- agent/type
- agent/references
- agent/title
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/trending
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2024:11200
- agent/software-canonical-lookup
- agent/remedy
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/redhat-errata-latest
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/red hat
- canonical/red hat red hat enterprise linux server for power le - update services for sap solutions
- canonical/red hat enterprise linux for ibm z systems
- canonical/red hat enterprise linux for sap solutions
- canonical/red hat red hat enterprise linux for power, little endian - extended update support
- canonical/red hat enterprise linux server
- canonical/red hat red hat enterprise linux for arm 64 - 4 years of updates
- canonical/red hat red hat enterprise linux for x86_64 - extended update support
- canonical/red hat enterprise linux for arm64 eus