xmlrpc-c-1.51.0-8.el8
エラータID: AXSA:2022-4217:04
リリース日:
2022/11/29 Tuesday - 08:50
題名:
xmlrpc-c-1.51.0-8.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- libexpat の doProlog() には、整数オーバーフローの脆弱性が
あります。(CVE-2021-46143)
- libexpat の addBinding() には、整数オーバーフローの脆弱性が
あります。(CVE-2022-22822)
- libexpat の build_model() には、整数オーバーフローの脆弱性が
あります。(CVE-2022-22823)
- libexpat の defineAttribute() には、整数オーバーフローの
脆弱性があります。(CVE-2022-22824)
- libexpat の lookup() には、整数オーバーフローの脆弱性が
あります。(CVE-2022-22825)
- libexpat の nextScaffoldPart() には、整数オーバーフローの
脆弱性があります。(CVE-2022-22826)
- libexpat の storeAtts() には、整数オーバーフローの脆弱性が
あります。(CVE-2022-22827)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-46143
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
CVE-2022-22822
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22823
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22824
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22826
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
追加情報:
N/A
ダウンロード:
SRPMS
- xmlrpc-c-1.51.0-8.el8.src.rpm
MD5: 131bd9a8949648442d07d1f4b0e04e6c
SHA-256: 9e25e3ecf1c3ef258a288b9b86ca864e7cfb409264e229c91d0faa575356252a
Size: 641.17 kB
Asianux Server 8 for x86_64
- xmlrpc-c-1.51.0-8.el8.x86_64.rpm
MD5: b578a698f118144e22702aea21817765
SHA-256: 2ab96c2ccb5ca79b63d646fb717e304206ec46a01b290c1e51b112685dbcf231
Size: 211.75 kB - xmlrpc-c-c++-1.51.0-8.el8.x86_64.rpm
MD5: 5955676a87393d0e370bcbd6f11cec14
SHA-256: 7f78c1e6ece6991ec4caa586724c9c6c4cb7846ce68f86d41fec99052b716b6c
Size: 127.16 kB - xmlrpc-c-client++-1.51.0-8.el8.x86_64.rpm
MD5: 75b2b307078d650c2fa30dead1e831df
SHA-256: 04882f7c28ec861bb19a9aa40ea5e0059c02ac6d8cef4954cd2f13d5d3ea7060
Size: 53.73 kB - xmlrpc-c-client-1.51.0-8.el8.x86_64.rpm
MD5: 0bc4595937b80af6a87f8c494e7d6abe
SHA-256: 19025998f68da1b74a885bb819e1461de88b1094d696c718b5ebe7ce06442069
Size: 39.57 kB - xmlrpc-c-devel-1.51.0-8.el8.x86_64.rpm
MD5: 5f67a1d4c0109060ecc18f8c13bcf0eb
SHA-256: bfa9655f63d8d0199e132f8b03320c23699c08880bce680d351c2c7face82b9e
Size: 70.79 kB - xmlrpc-c-1.51.0-8.el8.i686.rpm
MD5: d0863bce44bb12d2b4c6ce93dd42f6af
SHA-256: 4252aa6f22d8561c9303bb9357eab62d84ec2e00280884e67ed7ef5699161a6f
Size: 220.85 kB - xmlrpc-c-c++-1.51.0-8.el8.i686.rpm
MD5: 6a82c64055ec393891f0981baeb87578
SHA-256: 8f5978b43774f14084da9644ad4f543173b48451c4569f9bc2297d3479728d61
Size: 134.79 kB - xmlrpc-c-client++-1.51.0-8.el8.i686.rpm
MD5: 88d4a2cac0dbaa106deda990e086bfe6
SHA-256: a38461fd01fc15bca96f78983146c1ac98d78bbdb914c7d644ff85f9ecaab758
Size: 55.95 kB - xmlrpc-c-client-1.51.0-8.el8.i686.rpm
MD5: b031b6cda7feef39cbf3ea5e03c0a009
SHA-256: 1e2ed6209e93277bd48fb009d66b4a6e35b7f1bce9cd4b9222e575f0de94530c
Size: 40.45 kB - xmlrpc-c-devel-1.51.0-8.el8.i686.rpm
MD5: a9d262768d86e5171ffa9cee9d0e957f
SHA-256: 2c29bfb8cc757b54dfc497c30504a78d651b83a9affea2ffd1cb5fb8fa2667d2
Size: 70.67 kB