Open Source Development

Power Open Source Development

Explore the open source tools and capabilities for building and deploying modern applications on IBM Power platforms including AIX, IBM i, and Linux.


#Power


#Power

 View Only

  • 1.  expat and expat-devel CVE-2022-23852, CVSS 9.8 (Critical)

    Posted Mon January 31, 2022 02:15 AM

    Hi AIX OpenSource-Team,

    please update expat, because of the security issue CVE-2022-23852.
    The possible Impact is Critical and requires fast acting. 


    AIX Toolbox Version: 2.2.9

    AFFECTED VERSIONS

    • Affected versions: expat < 2.4.4

    RECOMMENDATIONS
    Upgrade expat to version 2.4.4

    https://nvd.nist.gov/vuln/detail/CVE-2022-23852

    https://github.com/libexpat/libexpat/pull/550



    ------------------------------
    Tobias Schröer
    ------------------------------

    #AIXOpenSource


  • 2.  RE: expat and expat-devel CVE-2022-23852, CVSS 9.8 (Critical)

    Posted Tue February 01, 2022 05:05 PM
    Same here. Security department advised me to update asap because of CVE 2022 23990 & CVE 2022 23852.

    Please provide an update of expat.

    Sebastian

    ------------------------------
    Sebastian Bromme
    ------------------------------

    Original Message


  • 3.  RE: expat and expat-devel CVE-2022-23852, CVSS 9.8 (Critical)

    Posted Wed February 02, 2022 12:26 AM
    Thanks for reporting, this is in our list to be updated.

    ------------------------------
    SANKET RATHI
    ------------------------------

    Original Message


  • 4.  RE: expat and expat-devel CVE-2022-23852, CVSS 9.8 (Critical)

    Posted Sun February 13, 2022 11:48 PM

    expat-2.4.4 is now available on AIX toolbox. 



    ------------------------------
    SANKET RATHI
    ------------------------------

    Original Message


Related Content