Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2022:1012 - Security Advisory
Issued:
2022-03-22
Updated:
2022-03-22

RHSA-2022:1012 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: expat security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for expat is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Expat is a C library for parsing XML documents.

Security Fix(es):

  • expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235)
  • expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution (CVE-2022-25236)
  • expat: Integer overflow in storeRawNames() (CVE-2022-25315)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, applications using the Expat library must be restarted for the update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Fixes

  • BZ - 2056363 - CVE-2022-25315 expat: Integer overflow in storeRawNames()
  • BZ - 2056366 - CVE-2022-25235 expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
  • BZ - 2056370 - CVE-2022-25236 expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

CVEs

  • CVE-2022-25235
  • CVE-2022-25236
  • CVE-2022-25315

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM
expat-2.2.5-4.el8_4.2.src.rpm SHA-256: 72bd3638e721c56496a599685a75e4477c2e71fe996ed604c283df0d96c08a89
x86_64
expat-2.2.5-4.el8_4.2.i686.rpm SHA-256: 598a8aa0afc3288ff47c0157853e5790f4a99b4c252cfe8775514f02a1d72eef
expat-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: a1bbfbeb62a9c634fb8ae324533eebe14540b6ae9ac8efe7e0f94c2783a3a574
expat-debuginfo-2.2.5-4.el8_4.2.i686.rpm SHA-256: 73b476d4c08bbb5b0579919b28c80536f4670b31dddccc4f144a828423091a18
expat-debuginfo-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 01984411f775ef46cdd60f91701c14199b65074a60dd238ec9cbbb942e792d91
expat-debugsource-2.2.5-4.el8_4.2.i686.rpm SHA-256: 476c76e341743b0472b21205c142dd487e599621c5be64c1c30ef07ff051cdb9
expat-debugsource-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 23d666ce4dde8cdb965cbdc352066ed3c4438c232f0b74f1a2674021e9cc1a2c
expat-devel-2.2.5-4.el8_4.2.i686.rpm SHA-256: e1c8c451821578cc6119ea7c8771e0523c76204ecdb33c16b8582f93f33805eb
expat-devel-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 248a836aec5532d001d37e254078b95f75e5483f17de351e211432844f27b335

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
expat-2.2.5-4.el8_4.2.src.rpm SHA-256: 72bd3638e721c56496a599685a75e4477c2e71fe996ed604c283df0d96c08a89
x86_64
expat-2.2.5-4.el8_4.2.i686.rpm SHA-256: 598a8aa0afc3288ff47c0157853e5790f4a99b4c252cfe8775514f02a1d72eef
expat-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: a1bbfbeb62a9c634fb8ae324533eebe14540b6ae9ac8efe7e0f94c2783a3a574
expat-debuginfo-2.2.5-4.el8_4.2.i686.rpm SHA-256: 73b476d4c08bbb5b0579919b28c80536f4670b31dddccc4f144a828423091a18
expat-debuginfo-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 01984411f775ef46cdd60f91701c14199b65074a60dd238ec9cbbb942e792d91
expat-debugsource-2.2.5-4.el8_4.2.i686.rpm SHA-256: 476c76e341743b0472b21205c142dd487e599621c5be64c1c30ef07ff051cdb9
expat-debugsource-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 23d666ce4dde8cdb965cbdc352066ed3c4438c232f0b74f1a2674021e9cc1a2c
expat-devel-2.2.5-4.el8_4.2.i686.rpm SHA-256: e1c8c451821578cc6119ea7c8771e0523c76204ecdb33c16b8582f93f33805eb
expat-devel-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 248a836aec5532d001d37e254078b95f75e5483f17de351e211432844f27b335

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

SRPM
expat-2.2.5-4.el8_4.2.src.rpm SHA-256: 72bd3638e721c56496a599685a75e4477c2e71fe996ed604c283df0d96c08a89
s390x
expat-2.2.5-4.el8_4.2.s390x.rpm SHA-256: d70b3f3ae471e229468247081910ef2346181c2299359bce2ce142dbc820c362
expat-debuginfo-2.2.5-4.el8_4.2.s390x.rpm SHA-256: 62d13a156cbc769726f3a7902a87ee3f3b798ff94f1709063e6b3d345e8b476e
expat-debugsource-2.2.5-4.el8_4.2.s390x.rpm SHA-256: 1d7050b48dd81cd6aa75b40140d8a7231135ef65c46f840abe97441e2815f6a3
expat-devel-2.2.5-4.el8_4.2.s390x.rpm SHA-256: 105c4852c5f447ed1c54f5a329333ed62f9c0dfc7650e93ab4a773c13fef342e

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM
expat-2.2.5-4.el8_4.2.src.rpm SHA-256: 72bd3638e721c56496a599685a75e4477c2e71fe996ed604c283df0d96c08a89
ppc64le
expat-2.2.5-4.el8_4.2.ppc64le.rpm SHA-256: 1f8dea2d554632a84d6c2bba9c67c2bf24bba97221ae07833f22bd8bf21ab83a
expat-debuginfo-2.2.5-4.el8_4.2.ppc64le.rpm SHA-256: 7d332fb10b1d989e01bcbf4e5f0a95796c150b057a1e3166dd63eb41c55687da
expat-debugsource-2.2.5-4.el8_4.2.ppc64le.rpm SHA-256: a94f7dcf0301ec88ac69bfcc059193812de5bb20a61dc29ca5aa204d73a4bf38
expat-devel-2.2.5-4.el8_4.2.ppc64le.rpm SHA-256: 38d7dff200122b3f4f6df555dce9b4cbb11ff067a59c323a173bfd21376428d8

Red Hat Enterprise Linux Server - TUS 8.4

SRPM
expat-2.2.5-4.el8_4.2.src.rpm SHA-256: 72bd3638e721c56496a599685a75e4477c2e71fe996ed604c283df0d96c08a89
x86_64
expat-2.2.5-4.el8_4.2.i686.rpm SHA-256: 598a8aa0afc3288ff47c0157853e5790f4a99b4c252cfe8775514f02a1d72eef
expat-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: a1bbfbeb62a9c634fb8ae324533eebe14540b6ae9ac8efe7e0f94c2783a3a574
expat-debuginfo-2.2.5-4.el8_4.2.i686.rpm SHA-256: 73b476d4c08bbb5b0579919b28c80536f4670b31dddccc4f144a828423091a18
expat-debuginfo-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 01984411f775ef46cdd60f91701c14199b65074a60dd238ec9cbbb942e792d91
expat-debugsource-2.2.5-4.el8_4.2.i686.rpm SHA-256: 476c76e341743b0472b21205c142dd487e599621c5be64c1c30ef07ff051cdb9
expat-debugsource-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 23d666ce4dde8cdb965cbdc352066ed3c4438c232f0b74f1a2674021e9cc1a2c
expat-devel-2.2.5-4.el8_4.2.i686.rpm SHA-256: e1c8c451821578cc6119ea7c8771e0523c76204ecdb33c16b8582f93f33805eb
expat-devel-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 248a836aec5532d001d37e254078b95f75e5483f17de351e211432844f27b335

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM
expat-2.2.5-4.el8_4.2.src.rpm SHA-256: 72bd3638e721c56496a599685a75e4477c2e71fe996ed604c283df0d96c08a89
aarch64
expat-2.2.5-4.el8_4.2.aarch64.rpm SHA-256: 0ba5361d3d4e040cfb9f3ca7bcb4ea2a67cca5545aaa055ea8b16164118c6e34
expat-debuginfo-2.2.5-4.el8_4.2.aarch64.rpm SHA-256: 58de94b554c33f05f9760cecbb34f9d13117b2f20e6be1fe72e15841f059a265
expat-debugsource-2.2.5-4.el8_4.2.aarch64.rpm SHA-256: 11f2c250c24295cde5047bfa0dbe4a4cdd61f45b98dd22931b3cebbb7f89fa88
expat-devel-2.2.5-4.el8_4.2.aarch64.rpm SHA-256: e3f88d83dfc3bcaba4a340ba64a48e43b5ad3b82cfc51a94f7fe086881b64d09

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM
expat-2.2.5-4.el8_4.2.src.rpm SHA-256: 72bd3638e721c56496a599685a75e4477c2e71fe996ed604c283df0d96c08a89
ppc64le
expat-2.2.5-4.el8_4.2.ppc64le.rpm SHA-256: 1f8dea2d554632a84d6c2bba9c67c2bf24bba97221ae07833f22bd8bf21ab83a
expat-debuginfo-2.2.5-4.el8_4.2.ppc64le.rpm SHA-256: 7d332fb10b1d989e01bcbf4e5f0a95796c150b057a1e3166dd63eb41c55687da
expat-debugsource-2.2.5-4.el8_4.2.ppc64le.rpm SHA-256: a94f7dcf0301ec88ac69bfcc059193812de5bb20a61dc29ca5aa204d73a4bf38
expat-devel-2.2.5-4.el8_4.2.ppc64le.rpm SHA-256: 38d7dff200122b3f4f6df555dce9b4cbb11ff067a59c323a173bfd21376428d8

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM
expat-2.2.5-4.el8_4.2.src.rpm SHA-256: 72bd3638e721c56496a599685a75e4477c2e71fe996ed604c283df0d96c08a89
x86_64
expat-2.2.5-4.el8_4.2.i686.rpm SHA-256: 598a8aa0afc3288ff47c0157853e5790f4a99b4c252cfe8775514f02a1d72eef
expat-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: a1bbfbeb62a9c634fb8ae324533eebe14540b6ae9ac8efe7e0f94c2783a3a574
expat-debuginfo-2.2.5-4.el8_4.2.i686.rpm SHA-256: 73b476d4c08bbb5b0579919b28c80536f4670b31dddccc4f144a828423091a18
expat-debuginfo-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 01984411f775ef46cdd60f91701c14199b65074a60dd238ec9cbbb942e792d91
expat-debugsource-2.2.5-4.el8_4.2.i686.rpm SHA-256: 476c76e341743b0472b21205c142dd487e599621c5be64c1c30ef07ff051cdb9
expat-debugsource-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 23d666ce4dde8cdb965cbdc352066ed3c4438c232f0b74f1a2674021e9cc1a2c
expat-devel-2.2.5-4.el8_4.2.i686.rpm SHA-256: e1c8c451821578cc6119ea7c8771e0523c76204ecdb33c16b8582f93f33805eb
expat-devel-2.2.5-4.el8_4.2.x86_64.rpm SHA-256: 248a836aec5532d001d37e254078b95f75e5483f17de351e211432844f27b335

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility