Bug 2067201

Summary: Please rebase expat to version 2.4.5 or higher
Product: Red Hat Enterprise Linux 9 Reporter: Tomas Orsava <torsava>
Component: expatAssignee: Tomas Korbar <tkorbar>
Status: CLOSED ERRATA QA Contact: FrantiĊĦek Hrdina <fhrdina>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 9.1CC: fhrdina, psklenar
Target Milestone: rcKeywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: expat-2.4.7-1.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-11-15 11:14:42 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2059951    

Description Tomas Orsava 2022-03-23 14:07:36 UTC 
Hi,
please rebase expat in RHEL 9 to version 2.4.5 or higher (possibly 2.4.7+ to drop more CVE related patches in expat).

The CPython test suite has been adjusted to test differently for pyexpat version 2.4.5+ [0], and thus we need to patch Python downstream in RHEL so that the test does not fail. And as we plan to add more Python versions into RHEL 9, each Python version we ship would need this downstream patch [1], making long term maintenance harder.

[0] https://bugs.python.org/issue46811
[1] https://src.osci.redhat.com/rpms/python3/pull-request/84
Comment 9 errata-xmlrpc 2022-11-15 11:14:42 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (expat bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:8290