- Publié :
- 2024-07-02
- Mis à jour :
- 2024-07-02
RHSA-2024:4259 - Security Advisory
Synopsis
Moderate: xmlrpc-c security and bug fix update
Type / Sévérité
Security Advisory: Moderate
Analyse des correctifs dans Red Hat Insights
Identifiez et remédiez aux systèmes concernés par cette alerte.
Sujet
An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC (remote procedure call) over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML.
Security Fix(es):
- expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Produits concernés
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Correctifs
- BZ - 2262877 - CVE-2023-52425 expat: parsing large tokens can trigger a denial of service
CVE
Red Hat Enterprise Linux for x86_64 8
SRPM | |
---|---|
xmlrpc-c-1.51.0-9.el8_10.src.rpm | SHA-256: 0163e8f90339feaf066f074078f8bcd9be11c0e4c7d651dcc7a8a053c157e737 |
x86_64 | |
xmlrpc-c-1.51.0-9.el8_10.i686.rpm | SHA-256: ea4bfa64288ea9633eec1b3a721bed2f0ad77d9b49cb79f2196b1d5993814628 |
xmlrpc-c-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 545a11be579825bfac22ea35808d6907aff7e2cbd0b5c9148da0833bf74014ad |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: a883326ffc2d571138762cba805ea78d4506e1814ed397b9240ab7293e5aa419 |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 2d0dffadff00b7edcd424fac5f5803cd3b890fe3e6c69c69e90a645668dd4f2a |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: 7d7396d15f50e176d670ec7d496a1213dad2a8a0fbd3d3454e60522959dab307 |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: f1003be4f131caa78a76dc9b5dc198def186b1fc6268c58e4432b51fe632de44 |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: 850c2726833dfc877676b309fbe52c8d3e0616dfea31c46f2846644526c4a227 |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: ad6fbb5742c522342adcdfd12d7d75484a744626b81ce91a35958e9e107d6b02 |
xmlrpc-c-client-1.51.0-9.el8_10.i686.rpm | SHA-256: 33293dad76cf342c568f661252e031442a7c7798b7989834e8facad2df6eff92 |
xmlrpc-c-client-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 5caf38c47f3ae544a5660d2dbd47f256a2be8cb751cbe2cb512f33ab21e597e3 |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: 0b392328c21f962288aa654f9da54a10f27c0871e13d321fbd55a510e807cf8a |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 9c5493ed452caf48265c7328b85c66a485a7b5e8a852293d699f79f45242b99e |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: 55897a1aaadfdc8f6d3ed9d455fb11e3b1353a286688969fb25fac75f379cfdf |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 2accf8d6b293ceb8e8a38f73c5ab86eba502b5e4910d55150ebf85707fe08394 |
xmlrpc-c-debugsource-1.51.0-9.el8_10.i686.rpm | SHA-256: a6f374bc1eb673827bd22394d9a659861c15e1b956c4e9c8db65e3aaaee2fd0f |
xmlrpc-c-debugsource-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 2aa1b38080012fac929632ff2ccd391b3c07262473bb96fd073d9012cdcdea02 |
Red Hat Enterprise Linux for IBM z Systems 8
SRPM | |
---|---|
xmlrpc-c-1.51.0-9.el8_10.src.rpm | SHA-256: 0163e8f90339feaf066f074078f8bcd9be11c0e4c7d651dcc7a8a053c157e737 |
s390x | |
xmlrpc-c-1.51.0-9.el8_10.s390x.rpm | SHA-256: 732afba5a7aa75f0477f2b57b7c6f270bb256aa6cf3092903d2a5c5a56bb683b |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: 57556b91d03fd264c68e8877c5ac6c2e6bb01ab860ccb172b453fe79935a84f5 |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: b8c975a7aeb8556ce8b10fea341b848a6ab50b4770a72259dddbb703dd030aa0 |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: 306e5af06f88a29e603810a8ba750182dc4b78d669d7dabb184a219270f4f272 |
xmlrpc-c-client-1.51.0-9.el8_10.s390x.rpm | SHA-256: a2378bb0caad23d6342302fda9f0a43bb70ea7d24a36cd1cd05654768c70656b |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: 193a8734fcffe486fae00befd864c523811df399c8f988458588f5f37e5f74bf |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: 7b883c286692c03332adf98c034e8401261744c4781a2273c48f6ebc9d1481a8 |
xmlrpc-c-debugsource-1.51.0-9.el8_10.s390x.rpm | SHA-256: c9d543ac07b75e5693d42edbe7ccc9582c5f65caf3a543117c6aa93b87928318 |
Red Hat Enterprise Linux for Power, little endian 8
SRPM | |
---|---|
xmlrpc-c-1.51.0-9.el8_10.src.rpm | SHA-256: 0163e8f90339feaf066f074078f8bcd9be11c0e4c7d651dcc7a8a053c157e737 |
ppc64le | |
xmlrpc-c-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 4aa715241c43aad9a4a74a8a07af43719fea52605b249b311b4412bc2faa81d8 |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 834e24a3a0cdbc49fe4da1ab721b4545c739f89bf35b86f5f0ebac1a01678ed8 |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 15ffef0a5bd212b5cfcb3c331a11f036065c9e532e84e377250f4bee0a90974c |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 698b41a42c80e48e17747768f6954ab69d0c363c7eab10f0a0f941f11863dabf |
xmlrpc-c-client-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: c16c307f5566cf43742318420ccca3119fe7d1bddb13159e5a923e456dbb1fb1 |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: ac92f80bf73a4955f9b6e307c0d10f128c93c0ce603fd15ec6857a99bb717069 |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: aff888895fc6df57bf5de264af04194816bdc82d77f1d962230f747a7fc23465 |
xmlrpc-c-debugsource-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 4a308b085b583039986a68c2e9299a049c534e786f528ffb1355227456c8033c |
Red Hat Enterprise Linux for ARM 64 8
SRPM | |
---|---|
xmlrpc-c-1.51.0-9.el8_10.src.rpm | SHA-256: 0163e8f90339feaf066f074078f8bcd9be11c0e4c7d651dcc7a8a053c157e737 |
aarch64 | |
xmlrpc-c-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 7a40c8e7d0ae91d7adb86a8b879417c07e665d8e3191348924e43247cc86da92 |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 04247cf3eab2776501d2e153d101c7a9111df066be7de61c77ed718039cf8a29 |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 65416771b4baefe29ddfa8315754899fcc8ca58ae1de0261af635eac39cfc2cd |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 5c7e8bc57b5980cae1e1f142a11cb1c5c72407b696dc71cba980a7b04d4064ec |
xmlrpc-c-client-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 6c3ec987063289e768ce5bf207882719bf1730d0e9c7cc46e41e8271b1d9ebc4 |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 6d4e3d2fc7edf8c5e676217489f1b5df527029b322ed5d42b92369b713b0f985 |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 254e0b9125e61772459aab9416d69e18d75bbf9b9f0da1a1c12fdf44ad8c9363 |
xmlrpc-c-debugsource-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 26ee2d3e6ff52ee8372d401d2173dcf4ca265705f0a48630a43fd0409f9f2568 |
Red Hat CodeReady Linux Builder for x86_64 8
SRPM | |
---|---|
x86_64 | |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: a883326ffc2d571138762cba805ea78d4506e1814ed397b9240ab7293e5aa419 |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 2d0dffadff00b7edcd424fac5f5803cd3b890fe3e6c69c69e90a645668dd4f2a |
xmlrpc-c-c++-1.51.0-9.el8_10.i686.rpm | SHA-256: 8d65cdb3458e05c08ca557b4f561c300a17cc7a572013a211c57f402f67cd66f |
xmlrpc-c-c++-1.51.0-9.el8_10.x86_64.rpm | SHA-256: c4f568cf37130f607bf1575d2ffb105308ad82e368271f570c926aac76d27177 |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: 7d7396d15f50e176d670ec7d496a1213dad2a8a0fbd3d3454e60522959dab307 |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: f1003be4f131caa78a76dc9b5dc198def186b1fc6268c58e4432b51fe632de44 |
xmlrpc-c-client++-1.51.0-9.el8_10.i686.rpm | SHA-256: 3f4ae47c003d8c0af3ce060dfeedc7f17c4faccf95a49294442356f39af65807 |
xmlrpc-c-client++-1.51.0-9.el8_10.x86_64.rpm | SHA-256: e2840896ac7a610f11d16523b69961288e08d8083bf064694dba060e032eb847 |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: 850c2726833dfc877676b309fbe52c8d3e0616dfea31c46f2846644526c4a227 |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: ad6fbb5742c522342adcdfd12d7d75484a744626b81ce91a35958e9e107d6b02 |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: 0b392328c21f962288aa654f9da54a10f27c0871e13d321fbd55a510e807cf8a |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 9c5493ed452caf48265c7328b85c66a485a7b5e8a852293d699f79f45242b99e |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.i686.rpm | SHA-256: 55897a1aaadfdc8f6d3ed9d455fb11e3b1353a286688969fb25fac75f379cfdf |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 2accf8d6b293ceb8e8a38f73c5ab86eba502b5e4910d55150ebf85707fe08394 |
xmlrpc-c-debugsource-1.51.0-9.el8_10.i686.rpm | SHA-256: a6f374bc1eb673827bd22394d9a659861c15e1b956c4e9c8db65e3aaaee2fd0f |
xmlrpc-c-debugsource-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 2aa1b38080012fac929632ff2ccd391b3c07262473bb96fd073d9012cdcdea02 |
xmlrpc-c-devel-1.51.0-9.el8_10.i686.rpm | SHA-256: 34d7351e55f467db0838e7f069b273e254c9b3cae4eb1c26098df5c7fd7e8813 |
xmlrpc-c-devel-1.51.0-9.el8_10.x86_64.rpm | SHA-256: 26485ebf129a4b1c595f2ac41ddca80701b8f7465591005716571b2e12b22911 |
Red Hat CodeReady Linux Builder for Power, little endian 8
SRPM | |
---|---|
ppc64le | |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 834e24a3a0cdbc49fe4da1ab721b4545c739f89bf35b86f5f0ebac1a01678ed8 |
xmlrpc-c-c++-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 8ada86eaeb4f6e1b3eeebdec5ce441ea8c75314a87a93bc415f88cb367abf134 |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 15ffef0a5bd212b5cfcb3c331a11f036065c9e532e84e377250f4bee0a90974c |
xmlrpc-c-client++-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 3709dff2b08d2d6c8915a13bd14d26ba09566408d1660d5ad61889dd89ffe190 |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 698b41a42c80e48e17747768f6954ab69d0c363c7eab10f0a0f941f11863dabf |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: ac92f80bf73a4955f9b6e307c0d10f128c93c0ce603fd15ec6857a99bb717069 |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: aff888895fc6df57bf5de264af04194816bdc82d77f1d962230f747a7fc23465 |
xmlrpc-c-debugsource-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: 4a308b085b583039986a68c2e9299a049c534e786f528ffb1355227456c8033c |
xmlrpc-c-devel-1.51.0-9.el8_10.ppc64le.rpm | SHA-256: aeea3ce728dc64ae95e894f09197a05c8198b0e9630bc581747d3c262a397c1e |
Red Hat CodeReady Linux Builder for ARM 64 8
SRPM | |
---|---|
aarch64 | |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 04247cf3eab2776501d2e153d101c7a9111df066be7de61c77ed718039cf8a29 |
xmlrpc-c-c++-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 35fe8b0a5cb76e1cafbba7ca4bd010c2a5e6f856a9457a010f57e39c082d3862 |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 65416771b4baefe29ddfa8315754899fcc8ca58ae1de0261af635eac39cfc2cd |
xmlrpc-c-client++-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 888836b928b7bb3e81917fac023cce251e6539cbac182bcb2933b9c74817bbe0 |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 5c7e8bc57b5980cae1e1f142a11cb1c5c72407b696dc71cba980a7b04d4064ec |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 6d4e3d2fc7edf8c5e676217489f1b5df527029b322ed5d42b92369b713b0f985 |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 254e0b9125e61772459aab9416d69e18d75bbf9b9f0da1a1c12fdf44ad8c9363 |
xmlrpc-c-debugsource-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 26ee2d3e6ff52ee8372d401d2173dcf4ca265705f0a48630a43fd0409f9f2568 |
xmlrpc-c-devel-1.51.0-9.el8_10.aarch64.rpm | SHA-256: 4466c74a0d80c93d183025f3571be6077a66edb522e40607101685d4a0014492 |
Red Hat CodeReady Linux Builder for IBM z Systems 8
SRPM | |
---|---|
s390x | |
xmlrpc-c-apps-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: 57556b91d03fd264c68e8877c5ac6c2e6bb01ab860ccb172b453fe79935a84f5 |
xmlrpc-c-c++-1.51.0-9.el8_10.s390x.rpm | SHA-256: d9432cad2486da4026eef71ca7febca185231556318d3f33329a3053a859d874 |
xmlrpc-c-c++-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: b8c975a7aeb8556ce8b10fea341b848a6ab50b4770a72259dddbb703dd030aa0 |
xmlrpc-c-client++-1.51.0-9.el8_10.s390x.rpm | SHA-256: 2a708ebe6c52d5c857efa8c71af26adcf0ae61ee1b1c8844c71d532404f0da48 |
xmlrpc-c-client++-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: 306e5af06f88a29e603810a8ba750182dc4b78d669d7dabb184a219270f4f272 |
xmlrpc-c-client-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: 193a8734fcffe486fae00befd864c523811df399c8f988458588f5f37e5f74bf |
xmlrpc-c-debuginfo-1.51.0-9.el8_10.s390x.rpm | SHA-256: 7b883c286692c03332adf98c034e8401261744c4781a2273c48f6ebc9d1481a8 |
xmlrpc-c-debugsource-1.51.0-9.el8_10.s390x.rpm | SHA-256: c9d543ac07b75e5693d42edbe7ccc9582c5f65caf3a543117c6aa93b87928318 |
xmlrpc-c-devel-1.51.0-9.el8_10.s390x.rpm | SHA-256: 378b32e84db5b980188eec35f46acbca2654b2293ec1ccf0a4b387a7977b2983 |
Le contact Red Hat Security est secalert@redhat.com. Plus d'infos contact à https://access.redhat.com/security/team/contact/.