Page tree

CentOS Linux—the open, enterprise-class, platform upon which Lumeta solutions are builtand third-party packages such as Postgres and Oracle JRE—are continuously monitored by industry  and community groups to uncover flaws. Upgrade packages that fix these CentOS flaws (aka CVEs, Common Vulnerabilities and Exposures) are made available from CentOS and third parties (Postgres, Oracle JRE) on an ongoing basis. 

This page lists security enhancements on our radar.  It's those CVEs that Lumeta is actively addressing and expects to have fully resolved in the upcoming releases of Lumeta Enterprise Edition.

CVERepairDate3rd Party Patch
Vulnerability
 Resolved_Version & GA Date
Identifier

expat-2.1.0-15.el7_9.x86_64


Available?LumetaNotes on vulnerabilityLumetaLumeta_GA
CVE-2022-40674

CentOS yesyes

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.


https://access.redhat.com/security/cve/cve-2022-40674

4.6.0.111/29/2022




  • No labels