RHSA-2024:0421 - Security Advisory

Issued: 2024-01-24
Updated: 2024-01-24

Synopsis

Moderate: expat security update

Type/Severity

Security Advisory: Moderate

Topic

An update for expat is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Expat is a C library for parsing XML documents.

Security Fix(es):

  • expat: use-after-free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, applications using the Expat library must be restarted for the update to take effect.
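
The restart requirement above can be checked on a host. The script below is an added example, not Red Hat tooling or part of the advisory: it compares the installed expat build with the fixed build listed here and lists processes that still map a libexpat file that has been replaced on disk. The function names are hypothetical, the sample `maps` lines are constructed, and GNU `sort -V` is assumed as a stand-in for RPM's own version comparison.

```shell
#!/bin/sh
# Added example (not Red Hat tooling): post-update checks for RHSA-2024:0421.
FIXED_EVR="2.2.5-8.el8_6.4"   # fixed expat build, taken from this advisory

# Succeeds when version-release $1 is at least $2.
# Assumption: GNU `sort -V` approximates RPM's comparison, which is adequate
# for builds from the same el8_6 stream.
evr_at_least() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# Reads /proc/<pid>/maps content on stdin. Succeeds when a libexpat mapping is
# marked "(deleted)": the file was replaced on disk but the old copy is still
# mapped, so the process keeps running the pre-update code.
maps_has_stale_expat() {
    grep -Eq '/libexpat\.so[^ ]* \(deleted\)$'
}

# Prints "PID COMMAND" for each process that still maps a replaced libexpat.
list_stale_expat_processes() {
    for maps in /proc/[0-9]*/maps; do
        pid=${maps#/proc/}; pid=${pid%/maps}
        if cat "$maps" 2>/dev/null | maps_has_stale_expat; then
            printf '%s %s\n' "$pid" "$(cat "/proc/$pid/comm" 2>/dev/null)"
        fi
    done
}

# Constructed sample maps lines (addresses, inodes and soname are made up).
SAMPLE_STALE='7f3a1c000000-7f3a1c02d000 r-xp 00000000 fd:00 1234 /usr/lib64/libexpat.so.1.6.7 (deleted)'
SAMPLE_FRESH='7f3a1c000000-7f3a1c02d000 r-xp 00000000 fd:00 5678 /usr/lib64/libexpat.so.1.6.7'

main() {
    if ! command -v rpm >/dev/null 2>&1 || ! rpm -q expat >/dev/null 2>&1; then
        echo "expat is not installed from an RPM on this host"; return 0
    fi
    # With multilib (i686 + x86_64) installed, judge by the oldest copy.
    installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' expat | sort -V | head -n 1)
    if evr_at_least "$installed" "$FIXED_EVR"; then
        echo "expat $installed includes the RHSA-2024:0421 fix"
    else
        echo "expat $installed predates $FIXED_EVR: apply the update first"
    fi
    echo "Processes still mapping a replaced libexpat (restart these):"
    list_stale_expat_processes
}
main
```

Run it as root so that the `maps` files of other users' processes are readable; an unprivileged run only covers the caller's own processes.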

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2140059 - CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate

CVEs

  • CVE-2022-43680

References

  • https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
expat-2.2.5-8.el8_6.4.src.rpm
x86_64
expat-2.2.5-8.el8_6.4.i686.rpm
expat-2.2.5-8.el8_6.4.x86_64.rpm
expat-debuginfo-2.2.5-8.el8_6.4.i686.rpm
expat-debuginfo-2.2.5-8.el8_6.4.x86_64.rpm
expat-debugsource-2.2.5-8.el8_6.4.i686.rpm
expat-debugsource-2.2.5-8.el8_6.4.x86_64.rpm
expat-devel-2.2.5-8.el8_6.4.i686.rpm
expat-devel-2.2.5-8.el8_6.4.x86_64.rpm

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
expat-2.2.5-8.el8_6.4.src.rpm
x86_64
expat-2.2.5-8.el8_6.4.i686.rpm
expat-2.2.5-8.el8_6.4.x86_64.rpm
expat-debuginfo-2.2.5-8.el8_6.4.i686.rpm
expat-debuginfo-2.2.5-8.el8_6.4.x86_64.rpm
expat-debugsource-2.2.5-8.el8_6.4.i686.rpm
expat-debugsource-2.2.5-8.el8_6.4.x86_64.rpm
expat-devel-2.2.5-8.el8_6.4.i686.rpm
expat-devel-2.2.5-8.el8_6.4.x86_64.rpm

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
expat-2.2.5-8.el8_6.4.src.rpm
x86_64
expat-2.2.5-8.el8_6.4.i686.rpm
expat-2.2.5-8.el8_6.4.x86_64.rpm
expat-debuginfo-2.2.5-8.el8_6.4.i686.rpm
expat-debuginfo-2.2.5-8.el8_6.4.x86_64.rpm
expat-debugsource-2.2.5-8.el8_6.4.i686.rpm
expat-debugsource-2.2.5-8.el8_6.4.x86_64.rpm
expat-devel-2.2.5-8.el8_6.4.i686.rpm
expat-devel-2.2.5-8.el8_6.4.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM
expat-2.2.5-8.el8_6.4.src.rpm
s390x
expat-2.2.5-8.el8_6.4.s390x.rpm
expat-debuginfo-2.2.5-8.el8_6.4.s390x.rpm
expat-debugsource-2.2.5-8.el8_6.4.s390x.rpm
expat-devel-2.2.5-8.el8_6.4.s390x.rpm

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM
expat-2.2.5-8.el8_6.4.src.rpm
ppc64le
expat-2.2.5-8.el8_6.4.ppc64le.rpm
expat-debuginfo-2.2.5-8.el8_6.4.ppc64le.rpm
expat-debugsource-2.2.5-8.el8_6.4.ppc64le.rpm
expat-devel-2.2.5-8.el8_6.4.ppc64le.rpm

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
expat-2.2.5-8.el8_6.4.src.rpm
x86_64
expat-2.2.5-8.el8_6.4.i686.rpm
expat-2.2.5-8.el8_6.4.x86_64.rpm
expat-debuginfo-2.2.5-8.el8_6.4.i686.rpm
expat-debuginfo-2.2.5-8.el8_6.4.x86_64.rpm
expat-debugsource-2.2.5-8.el8_6.4.i686.rpm
expat-debugsource-2.2.5-8.el8_6.4.x86_64.rpm
expat-devel-2.2.5-8.el8_6.4.i686.rpm
expat-devel-2.2.5-8.el8_6.4.x86_64.rpm

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM
expat-2.2.5-8.el8_6.4.src.rpm
aarch64
expat-2.2.5-8.el8_6.4.aarch64.rpm
expat-debuginfo-2.2.5-8.el8_6.4.aarch64.rpm
expat-debugsource-2.2.5-8.el8_6.4.aarch64.rpm
expat-devel-2.2.5-8.el8_6.4.aarch64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
expat-2.2.5-8.el8_6.4.src.rpm
ppc64le
expat-2.2.5-8.el8_6.4.ppc64le.rpm
expat-debuginfo-2.2.5-8.el8_6.4.ppc64le.rpm
expat-debugsource-2.2.5-8.el8_6.4.ppc64le.rpm
expat-devel-2.2.5-8.el8_6.4.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
expat-2.2.5-8.el8_6.4.src.rpm
x86_64
expat-2.2.5-8.el8_6.4.i686.rpm
expat-2.2.5-8.el8_6.4.x86_64.rpm
expat-debuginfo-2.2.5-8.el8_6.4.i686.rpm
expat-debuginfo-2.2.5-8.el8_6.4.x86_64.rpm
expat-debugsource-2.2.5-8.el8_6.4.i686.rpm
expat-debugsource-2.2.5-8.el8_6.4.x86_64.rpm
expat-devel-2.2.5-8.el8_6.4.i686.rpm
expat-devel-2.2.5-8.el8_6.4.x86_64.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
