chore(deps): refresh rpm lockfiles [SECURITY]

[konflux-internal-p02]

This PR contains the following updates:

File rpms.in.yaml:

Package	Change
expat	2.5.0-5.el9_6 -> 2.5.0-5.el9_7.1

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

CVE-2025-59375

More information

Details

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-59375
• https://bugzilla.redhat.com/show_bug.cgi?id=2395108
• https://www.cve.org/CVERecord?id=CVE-2025-59375
• https://nvd.nist.gov/vuln/detail/CVE-2025-59375
• https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74
• https://github.com/libexpat/libexpat/issues/1018
• https://github.com/libexpat/libexpat/pull/1034
• https://issues.oss-fuzz.com/issues/439133977

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.