Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2020:1011 - Security Advisory
Issued:
2020-03-31
Updated:
2020-03-31

RHSA-2020:1011 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: expat security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for expat is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Expat is a C library for parsing XML documents.

Security Fix(es):

  • expat: Integer overflow leading to buffer overflow in XML_GetBuffer() (CVE-2015-2716)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, applications using the Expat library must be restarted for the update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 1220607 - CVE-2015-2716 expat: Integer overflow leading to buffer overflow in XML_GetBuffer()

CVEs

  • CVE-2015-2716

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
expat-2.1.0-11.el7.src.rpm SHA-256: c3d37243425da307e1e9bc4e96ffb777d57d3527cf18770f607b35f01c9d80fe
x86_64
expat-2.1.0-11.el7.i686.rpm SHA-256: 5582269f59a9befb81f8c79f9ae6b06ed42ac82718509ea1f6d71d10b9b12e76
expat-2.1.0-11.el7.x86_64.rpm SHA-256: 223698b861ca2c5b4844d68e47d131ca5586a2535eb935fc349a0c6fadd87fe2
expat-debuginfo-2.1.0-11.el7.i686.rpm SHA-256: 25b028c35838cdfcbcbcd2fea84f97ad3eaf0cb8280f97a7de42ec7b98b1597a
expat-debuginfo-2.1.0-11.el7.i686.rpm SHA-256: 25b028c35838cdfcbcbcd2fea84f97ad3eaf0cb8280f97a7de42ec7b98b1597a
expat-debuginfo-2.1.0-11.el7.x86_64.rpm SHA-256: dad6fe3c7ecb8f252b8eadf78b23e27ef64d3102607665054ee7694a60cf8a3c
expat-debuginfo-2.1.0-11.el7.x86_64.rpm SHA-256: dad6fe3c7ecb8f252b8eadf78b23e27ef64d3102607665054ee7694a60cf8a3c
expat-devel-2.1.0-11.el7.i686.rpm SHA-256: 19c098bac21362c55f6d7313d0cb52dc6c10411a68380909547e3b1d70eed5a9
expat-devel-2.1.0-11.el7.x86_64.rpm SHA-256: 1d1c1714af2233995045d80d38f39397552db6a9d509926a0bc8ae8fcb248fbc
expat-static-2.1.0-11.el7.i686.rpm SHA-256: 44e8931074a37db32f8f280cda54f211f81af53928cb3aa5c94c0d08792e759a
expat-static-2.1.0-11.el7.x86_64.rpm SHA-256: 3bd00551e877e05aae7fd365c7c5cdd299234d20fd55676dd87422e6d89764b3

Red Hat Enterprise Linux Workstation 7

SRPM
expat-2.1.0-11.el7.src.rpm SHA-256: c3d37243425da307e1e9bc4e96ffb777d57d3527cf18770f607b35f01c9d80fe
x86_64
expat-2.1.0-11.el7.i686.rpm SHA-256: 5582269f59a9befb81f8c79f9ae6b06ed42ac82718509ea1f6d71d10b9b12e76
expat-2.1.0-11.el7.x86_64.rpm SHA-256: 223698b861ca2c5b4844d68e47d131ca5586a2535eb935fc349a0c6fadd87fe2
expat-debuginfo-2.1.0-11.el7.i686.rpm SHA-256: 25b028c35838cdfcbcbcd2fea84f97ad3eaf0cb8280f97a7de42ec7b98b1597a
expat-debuginfo-2.1.0-11.el7.i686.rpm SHA-256: 25b028c35838cdfcbcbcd2fea84f97ad3eaf0cb8280f97a7de42ec7b98b1597a
expat-debuginfo-2.1.0-11.el7.x86_64.rpm SHA-256: dad6fe3c7ecb8f252b8eadf78b23e27ef64d3102607665054ee7694a60cf8a3c
expat-debuginfo-2.1.0-11.el7.x86_64.rpm SHA-256: dad6fe3c7ecb8f252b8eadf78b23e27ef64d3102607665054ee7694a60cf8a3c
expat-devel-2.1.0-11.el7.i686.rpm SHA-256: 19c098bac21362c55f6d7313d0cb52dc6c10411a68380909547e3b1d70eed5a9
expat-devel-2.1.0-11.el7.x86_64.rpm SHA-256: 1d1c1714af2233995045d80d38f39397552db6a9d509926a0bc8ae8fcb248fbc
expat-static-2.1.0-11.el7.i686.rpm SHA-256: 44e8931074a37db32f8f280cda54f211f81af53928cb3aa5c94c0d08792e759a
expat-static-2.1.0-11.el7.x86_64.rpm SHA-256: 3bd00551e877e05aae7fd365c7c5cdd299234d20fd55676dd87422e6d89764b3

Red Hat Enterprise Linux Desktop 7

SRPM
expat-2.1.0-11.el7.src.rpm SHA-256: c3d37243425da307e1e9bc4e96ffb777d57d3527cf18770f607b35f01c9d80fe
x86_64
expat-2.1.0-11.el7.i686.rpm SHA-256: 5582269f59a9befb81f8c79f9ae6b06ed42ac82718509ea1f6d71d10b9b12e76
expat-2.1.0-11.el7.x86_64.rpm SHA-256: 223698b861ca2c5b4844d68e47d131ca5586a2535eb935fc349a0c6fadd87fe2
expat-debuginfo-2.1.0-11.el7.i686.rpm SHA-256: 25b028c35838cdfcbcbcd2fea84f97ad3eaf0cb8280f97a7de42ec7b98b1597a
expat-debuginfo-2.1.0-11.el7.i686.rpm SHA-256: 25b028c35838cdfcbcbcd2fea84f97ad3eaf0cb8280f97a7de42ec7b98b1597a
expat-debuginfo-2.1.0-11.el7.x86_64.rpm SHA-256: dad6fe3c7ecb8f252b8eadf78b23e27ef64d3102607665054ee7694a60cf8a3c
expat-debuginfo-2.1.0-11.el7.x86_64.rpm SHA-256: dad6fe3c7ecb8f252b8eadf78b23e27ef64d3102607665054ee7694a60cf8a3c
expat-devel-2.1.0-11.el7.i686.rpm SHA-256: 19c098bac21362c55f6d7313d0cb52dc6c10411a68380909547e3b1d70eed5a9
expat-devel-2.1.0-11.el7.x86_64.rpm SHA-256: 1d1c1714af2233995045d80d38f39397552db6a9d509926a0bc8ae8fcb248fbc
expat-static-2.1.0-11.el7.i686.rpm SHA-256: 44e8931074a37db32f8f280cda54f211f81af53928cb3aa5c94c0d08792e759a
expat-static-2.1.0-11.el7.x86_64.rpm SHA-256: 3bd00551e877e05aae7fd365c7c5cdd299234d20fd55676dd87422e6d89764b3

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
expat-2.1.0-11.el7.src.rpm SHA-256: c3d37243425da307e1e9bc4e96ffb777d57d3527cf18770f607b35f01c9d80fe
s390x
expat-2.1.0-11.el7.s390.rpm SHA-256: f9f3cc3ebae5e29cb75872393410755328bf9ee0eccd3667ad812b2738d0b946
expat-2.1.0-11.el7.s390x.rpm SHA-256: 67be6f66beb5199fe04f330a55a720ffb180c0041630aca8fbeff75775b45f8f
expat-debuginfo-2.1.0-11.el7.s390.rpm SHA-256: abb4a831d05fa336dd0df7151d6bb5b0e6293b7b03de771e07ff23f074a120e7
expat-debuginfo-2.1.0-11.el7.s390.rpm SHA-256: abb4a831d05fa336dd0df7151d6bb5b0e6293b7b03de771e07ff23f074a120e7
expat-debuginfo-2.1.0-11.el7.s390x.rpm SHA-256: 2bfb6c0995c9e4c3f9e65d798338501344279641a36c18d2e1864a84cefc6a01
expat-debuginfo-2.1.0-11.el7.s390x.rpm SHA-256: 2bfb6c0995c9e4c3f9e65d798338501344279641a36c18d2e1864a84cefc6a01
expat-devel-2.1.0-11.el7.s390.rpm SHA-256: d48767fcd486c5d32c65ce3eb24645ea43173829d5b230265301f3028a8f7f12
expat-devel-2.1.0-11.el7.s390x.rpm SHA-256: 63b82d9a51ad771b525f1c409a430e1cdb3abf2b979e5c43343fb46b7b3eb533
expat-static-2.1.0-11.el7.s390.rpm SHA-256: c4f04ea9ca35df9f20ab9e315eebd43fcef2b8bd8a0c1e027036f54cda6f092e
expat-static-2.1.0-11.el7.s390x.rpm SHA-256: 6a4c9d262d6545bb5af49a2f548f583849dc4c40ac4ea459f642c8a28296925d

Red Hat Enterprise Linux for Power, big endian 7

SRPM
expat-2.1.0-11.el7.src.rpm SHA-256: c3d37243425da307e1e9bc4e96ffb777d57d3527cf18770f607b35f01c9d80fe
ppc64
expat-2.1.0-11.el7.ppc.rpm SHA-256: 1b49771ccc17cea312d27ad9391689089b17823122d7c4f7c6b47090ed85302c
expat-2.1.0-11.el7.ppc64.rpm SHA-256: 27d907831b8e9051b15d439f3cfb37b581148ec99235899eab0e9f277d931610
expat-debuginfo-2.1.0-11.el7.ppc.rpm SHA-256: 9c382c90fca11a134b8458e48eb17781428913cceff5fd7599ea531924fa8c35
expat-debuginfo-2.1.0-11.el7.ppc.rpm SHA-256: 9c382c90fca11a134b8458e48eb17781428913cceff5fd7599ea531924fa8c35
expat-debuginfo-2.1.0-11.el7.ppc64.rpm SHA-256: 226254d39734bcb6359ed3d054c8ea994f250211eac09519d768e2b54636d0da
expat-debuginfo-2.1.0-11.el7.ppc64.rpm SHA-256: 226254d39734bcb6359ed3d054c8ea994f250211eac09519d768e2b54636d0da
expat-devel-2.1.0-11.el7.ppc.rpm SHA-256: 8b96580e2f145d15377e24c8c8be9e0bf2df60531511000936348c3dc8b03138
expat-devel-2.1.0-11.el7.ppc64.rpm SHA-256: 1a3ab43914dca8914041c5d9b522ad642dc1e4c61fb581c5a082d60b36582199
expat-static-2.1.0-11.el7.ppc.rpm SHA-256: de00e6848b58ad55c9cde6edd627900032ade4102c5825fc1e6b334a9bb2a1ca
expat-static-2.1.0-11.el7.ppc64.rpm SHA-256: d60e02c352eaf46ac8c6fafe325f9a542a16da741b861542e0c9ed316af42c64

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
expat-2.1.0-11.el7.src.rpm SHA-256: c3d37243425da307e1e9bc4e96ffb777d57d3527cf18770f607b35f01c9d80fe
x86_64
expat-2.1.0-11.el7.i686.rpm SHA-256: 5582269f59a9befb81f8c79f9ae6b06ed42ac82718509ea1f6d71d10b9b12e76
expat-2.1.0-11.el7.x86_64.rpm SHA-256: 223698b861ca2c5b4844d68e47d131ca5586a2535eb935fc349a0c6fadd87fe2
expat-debuginfo-2.1.0-11.el7.i686.rpm SHA-256: 25b028c35838cdfcbcbcd2fea84f97ad3eaf0cb8280f97a7de42ec7b98b1597a
expat-debuginfo-2.1.0-11.el7.i686.rpm SHA-256: 25b028c35838cdfcbcbcd2fea84f97ad3eaf0cb8280f97a7de42ec7b98b1597a
expat-debuginfo-2.1.0-11.el7.x86_64.rpm SHA-256: dad6fe3c7ecb8f252b8eadf78b23e27ef64d3102607665054ee7694a60cf8a3c
expat-debuginfo-2.1.0-11.el7.x86_64.rpm SHA-256: dad6fe3c7ecb8f252b8eadf78b23e27ef64d3102607665054ee7694a60cf8a3c
expat-devel-2.1.0-11.el7.i686.rpm SHA-256: 19c098bac21362c55f6d7313d0cb52dc6c10411a68380909547e3b1d70eed5a9
expat-devel-2.1.0-11.el7.x86_64.rpm SHA-256: 1d1c1714af2233995045d80d38f39397552db6a9d509926a0bc8ae8fcb248fbc
expat-static-2.1.0-11.el7.i686.rpm SHA-256: 44e8931074a37db32f8f280cda54f211f81af53928cb3aa5c94c0d08792e759a
expat-static-2.1.0-11.el7.x86_64.rpm SHA-256: 3bd00551e877e05aae7fd365c7c5cdd299234d20fd55676dd87422e6d89764b3

Red Hat Enterprise Linux for Power, little endian 7

SRPM
expat-2.1.0-11.el7.src.rpm SHA-256: c3d37243425da307e1e9bc4e96ffb777d57d3527cf18770f607b35f01c9d80fe
ppc64le
expat-2.1.0-11.el7.ppc64le.rpm SHA-256: 0da3d5863f9a277fa923f79ce18d20bf124b9446caecf919dab7e124016613ae
expat-debuginfo-2.1.0-11.el7.ppc64le.rpm SHA-256: a1d3eb8a622c8846321ff270ff4a0593e5086716518d296d8f6b26b973c23dd3
expat-debuginfo-2.1.0-11.el7.ppc64le.rpm SHA-256: a1d3eb8a622c8846321ff270ff4a0593e5086716518d296d8f6b26b973c23dd3
expat-devel-2.1.0-11.el7.ppc64le.rpm SHA-256: d406499aa5494d8bd22dbd9c526420c670354f627ab0e98bdf82846092d9ce0c
expat-static-2.1.0-11.el7.ppc64le.rpm SHA-256: 02732f62f7f1abe0d666dc3199a6dc6eebc646c51e259050a5a13f6e45c1ecf7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter