ALSA-2022:7692

[ALSA-2022:7692] Moderate: xmlrpc-c security update

Type:

security

Severity:

moderate

Release date:

2022-11-14

Description:

XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC (remote procedure call) over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML.

Security Fix(es):

* expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143)
* expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822)
* expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823)
* expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824)
* expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825)
* expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826)
* expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	xmlrpc-c-1.51.0-8.el8.aarch64.rpm	23220fd19278893980c4a673f6421aa2ad72ebf69cc9f8f0d1b04a1878c91fe7
aarch64	xmlrpc-c-client++-1.51.0-8.el8.aarch64.rpm	31dd6b2a0928b655c768c9e6bc8855dd1eaad2724ef73e28783b37dcf166b2fe
aarch64	xmlrpc-c-client-1.51.0-8.el8.aarch64.rpm	780d1e9216c91b004c598047ebb37fc52ac48c2c6664bc285a7677dc5744822b
aarch64	xmlrpc-c-c++-1.51.0-8.el8.aarch64.rpm	f6ee97f46ccc356289e6a688afd933d8d73636c6c428cf693412ea7b35ec32e5
aarch64	xmlrpc-c-devel-1.51.0-8.el8.aarch64.rpm	ff983889915fb6b0f6028c72629ac3d25558e2afd10667a18ba35aab3d695eb2
i686	xmlrpc-c-1.51.0-8.el8.i686.rpm	0c412c3b0424c80fdc4a4ed711a4d31073d7acc99a598b0d32427683618ef5ae
i686	xmlrpc-c-devel-1.51.0-8.el8.i686.rpm	4300e0c5f0843ecc8f937bc949438a9eaeb34a58ba95eef7145d7afebc104251
i686	xmlrpc-c-client-1.51.0-8.el8.i686.rpm	a18c8daf0f337b1e88a547f405b3284596974ae71b11cf0cc40e111347584cd6
i686	xmlrpc-c-client++-1.51.0-8.el8.i686.rpm	c6560b565a358db0652722b58275fc7977fa279b0041125c78d801dc08797a1a
i686	xmlrpc-c-c++-1.51.0-8.el8.i686.rpm	e3e8699923f28bdb694506d4eea3c9ccd0a991907368c0703e65e769601e3a4c
ppc64le	xmlrpc-c-1.51.0-8.el8.ppc64le.rpm	02c4f4e3c4cdf4b182623c52a9b98ddea315f51baeaf48e10329ca3e4efcc0cc
ppc64le	xmlrpc-c-client++-1.51.0-8.el8.ppc64le.rpm	86ace51215a186faa9b99f4b5fe46f9d8857929f5b217f8fc942a2fc10f14caf
ppc64le	xmlrpc-c-c++-1.51.0-8.el8.ppc64le.rpm	bc469d1872acb891734aaf6abb99558e046c27cef397a09ef5014088b66fa4d4
ppc64le	xmlrpc-c-client-1.51.0-8.el8.ppc64le.rpm	d363499e15177ce75376369d4612bdf04acf3be5dee3435b6bea6bb697c5904b
ppc64le	xmlrpc-c-devel-1.51.0-8.el8.ppc64le.rpm	f4f86caba4e7b26125fc1730a9d5c42288667fa6b87b12cee4ce6e759d34e733
s390x	xmlrpc-c-client++-1.51.0-8.el8.s390x.rpm	0f34af37e2a60d4c5c5ccff4944f8d64a92cd363d6c3868dcfcff8e2eb8b74ca
s390x	xmlrpc-c-devel-1.51.0-8.el8.s390x.rpm	11f23f2e48ad996ed5f4790a37a9bdb23640fe31175eb704e11fb78844dab957
s390x	xmlrpc-c-c++-1.51.0-8.el8.s390x.rpm	2fbeff89f81f7267aa7b8327b1d2d29e24d09b64768b8b0ead3a3a4edf7ba273
s390x	xmlrpc-c-client-1.51.0-8.el8.s390x.rpm	48aa09bce243f6357362d5aa514b584198027ded720d35880eb9cfd5a8f00608
s390x	xmlrpc-c-1.51.0-8.el8.s390x.rpm	d6f3bb583f0c8a22eaf60c977710ed10115e80190a2b89113a7e04afb99db965
x86_64	xmlrpc-c-client-1.51.0-8.el8.x86_64.rpm	1397c25c2c1e5cb44abbb42248597d3a52508d21039687aef2b18ba7ae9fde9d
x86_64	xmlrpc-c-1.51.0-8.el8.x86_64.rpm	97dc86143c5183f7eb6b7217956ace697ed83a322cec98cf0d51e2261519e325
x86_64	xmlrpc-c-client++-1.51.0-8.el8.x86_64.rpm	abb15f4b586947ff6cd02f1d4952c1a6c291af0f1c264994b7cf781dfc6009e1
x86_64	xmlrpc-c-c++-1.51.0-8.el8.x86_64.rpm	c878bb72456e50c155f634d4379fa4631bfd762c51066f60d4ffd8a389b7657c
x86_64	xmlrpc-c-devel-1.51.0-8.el8.x86_64.rpm	f832ca0dfcc7247bead94a379d4e73b1e368e1fe07818bdea06b70d1b9a9e0af

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.