xmlsec1-1.2.20-7.el7

エラータID: AXSA:2017-1915:01

Release date: 
Monday, August 28, 2017 - 07:26
Subject: 
xmlsec1-1.2.20-7.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

XML Security Library is a C library based on LibXML2 and OpenSSL.
The library was created with a goal to support major XML security
standards "XML Digital Signature" and "XML Encryption".

CVE-2017-1000
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

CVEs: 
CVE-2017-1000061
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
Additional Info: 

N/A

Download: 

SRPMS
  1. xmlsec1-1.2.20-7.el7.src.rpm
    MD5: a85b6affda918e967b952e08600b8b1a
    SHA-256: 1e56ee8b76171e3f41fd3b5870e92626507b86532e1498392ab8578064f50513
    Size: 1.71 MB

Asianux Server 7 for x86_64
  1. xmlsec1-1.2.20-7.el7.x86_64.rpm
    MD5: 43c894f546e91acbf2def4f7dd9fde9e
    SHA-256: 0776ceb7f2964b8728722bd5646e45846a8680a5973420ee8434b4ed92fe060e
    Size: 176.16 kB
  2. xmlsec1-openssl-1.2.20-7.el7.x86_64.rpm
    MD5: da2eeed37ec1091a8df6a28de1d271b9
    SHA-256: ef1a9e782c072ba7995635bf19321c009bcb37479c8e5ec1d913f18a591008b0
    Size: 75.03 kB
  3. xmlsec1-1.2.20-7.el7.i686.rpm
    MD5: 3756e47abfd0ec7c3a0f11be7f33b7bb
    SHA-256: 4e7a8539476e72fdf47262a0826ec945f119a9a519f8c258c519cfa6dab64532
    Size: 164.66 kB
  4. xmlsec1-openssl-1.2.20-7.el7.i686.rpm
    MD5: 9627090f1f9639382acc8c747f9f4a5e
    SHA-256: 73cb253b311895eda030292371feb0a8a0667fbf494cc08facccd98d5856d8dc
    Size: 69.14 kB