xmlrpc-c-1.51.0-11.el8_10

エラータID: AXSA:2025-9874:01

Release date: 
Thursday, April 24, 2025 - 19:56
Subject: 
xmlrpc-c-1.51.0-11.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its
calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network
protocol to allow a client program to make a simple RPC (remote procedure call)
over the Internet. It converts an RPC into an XML document, sends it to a remote
server using HTTP, and gets back the response in XML.

Security Fix(es):

libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat
(CVE-2024-8176)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE(s):
CVE-2024-8176

Solution: 

Update packages.

CVEs: 
CVE-2024-8176
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.
Additional Info: 

N/A

Download: 

SRPMS
  1. xmlrpc-c-1.51.0-11.el8_10.src.rpm
    MD5: cedeef7e02d819c97324df901a956e15
    SHA-256: 45e32d3a1256c0f0285e9d59ef76095720b1f244227ce5e13db826c47810d40f
    Size: 651.75 kB

Asianux Server 8 for x86_64
  1. xmlrpc-c-1.51.0-11.el8_10.i686.rpm
    MD5: f916a9cac3e6add179675ebd97bd7576
    SHA-256: 8af979dbe3c32769797b3ccf92a94f57cdac96667401fcffa8867f6151842996
    Size: 221.30 kB
  2. xmlrpc-c-1.51.0-11.el8_10.x86_64.rpm
    MD5: 5e94e76fd34360573711779ddee07e16
    SHA-256: c17a2438282cbe6eaa0c73bac1c6a62eb2913f4f2b77b2746b00d3b5de26a51a
    Size: 212.22 kB
  3. xmlrpc-c-c++-1.51.0-11.el8_10.i686.rpm
    MD5: 2fd7d480529eec293145092a147f1350
    SHA-256: 525dd791e74d9da6f3828c0abeb2de4aa23d4f88dcdce203a13df8a8c42e9669
    Size: 135.18 kB
  4. xmlrpc-c-c++-1.51.0-11.el8_10.x86_64.rpm
    MD5: 6d8fb59d461ed5e15818e5028d4d34e9
    SHA-256: 44a05b8078349cbae634decea8067aff5b7d3a4081de6482d27f2d4f07caa327
    Size: 127.61 kB
  5. xmlrpc-c-client-1.51.0-11.el8_10.i686.rpm
    MD5: 887e98d157bbc5bf704c12c74d8be9f9
    SHA-256: 0b34718fd316ed9f9482bb267b92d9b8784a851855a47404cc663481bf5b8c5f
    Size: 40.81 kB
  6. xmlrpc-c-client++-1.51.0-11.el8_10.i686.rpm
    MD5: e9ebf79f8c972499451872a927911a08
    SHA-256: 7232c656b5e9c62589a1cefbac03fafc104d790356843763597531880f21ecfc
    Size: 56.32 kB
  7. xmlrpc-c-client++-1.51.0-11.el8_10.x86_64.rpm
    MD5: 36de0ed362fc65a589e3f71a9ff38201
    SHA-256: 5c77b0bef19ddf6464d1d02143e6d3b279e254acc326e085881795b633e615af
    Size: 54.10 kB
  8. xmlrpc-c-client-1.51.0-11.el8_10.x86_64.rpm
    MD5: c842244e16a90272f433a30663702a03
    SHA-256: de2b3d27f66a21247b22def27548e83f94086f7e227e78685e708c9038d90016
    Size: 39.86 kB
  9. xmlrpc-c-devel-1.51.0-11.el8_10.i686.rpm
    MD5: 982633eb1678c11fedc92011bcd196ec
    SHA-256: ae7041bd32e50f9aa9d638778061d25352a19c762e5505e3d4e2b872f58e2f38
    Size: 71.03 kB
  10. xmlrpc-c-devel-1.51.0-11.el8_10.x86_64.rpm
    MD5: f94dcecc4184a15898ad01d25f1085ec
    SHA-256: 30e3c3d6e694fbad9e33676f0af957dbdc20a208ac66cd5d511cf75c6e589ced
    Size: 71.16 kB