First published: Thu Sep 12 2019(Updated: )
It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libexpat1 | <2.2.6-1ubuntu0.19.5 | 2.2.6-1ubuntu0.19.5 |
=19.04 | ||
All of | ||
ubuntu/libexpat1 | <2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.2 |
=18.04 | ||
All of | ||
ubuntu/lib64expat1 | <2.1.0-7ubuntu0.16.04.5 | 2.1.0-7ubuntu0.16.04.5 |
=16.04 | ||
All of | ||
ubuntu/libexpat1 | <2.1.0-7ubuntu0.16.04.5 | 2.1.0-7ubuntu0.16.04.5 |
=16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the Expat vulnerability is USN-4132-1.
The Expat vulnerability affects the libexpat1 package version 2.2.6-1ubuntu0.19.5 on Ubuntu 19.04, libexpat1 package version 2.2.5-3ubuntu0.2 on Ubuntu 18.04, lib64expat1 package version 2.1.0-7ubuntu0.16.04.5 on Ubuntu 16.04.
The Expat vulnerability could allow an attacker to expose sensitive information.
To fix the Expat vulnerability, update the libexpat1 package to version 2.2.6-1ubuntu0.19.5 for Ubuntu 19.04, version 2.2.5-3ubuntu0.2 for Ubuntu 18.04, and update the lib64expat1 package to version 2.1.0-7ubuntu0.16.04.5 for Ubuntu 16.04.
You can find more information about the Expat vulnerability at the following references: [CVE-2019-15903](https://ubuntu.com/security/CVE-2019-15903), [USN-4202-1](https://ubuntu.com/security/notices/USN-4202-1), [USN-4335-1](https://ubuntu.com/security/notices/USN-4335-1).