SUSE-SU-2026:0646-1

Details

This update for expat fixes the following issues:

CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144)
CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496)

Affected Packages

expat

SUSE Linux Enterprise Module for Basesystem 15 SP7

Fixed in:

2.7.1-150700.3.9.2

libexpat-devel

SUSE Linux Enterprise Module for Basesystem 15 SP7

Fixed in:

2.7.1-150700.3.9.2

libexpat1

SUSE Linux Enterprise Module for Basesystem 15 SP7

Fixed in:

2.7.1-150700.3.9.2

libexpat1-32bit

SUSE Linux Enterprise Module for Basesystem 15 SP7

Fixed in:

2.7.1-150700.3.9.2

References