Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 754
Alerts This Week
Warning Icon 1 754

Mageia 8 MGASA-2022-0183 Moderate Expat Encoding Failure

mageia
Calendar Grey May 15, 2022
Dist Mageia Esm H88
The recent xmlrpc-c updates focus on fixing encoding validation issues and vulnerabilities found in the Expat library, enhancing security and XML data processing
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context

Summary

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235)

References

- https://bugs.mageia.org/show_bug.cgi?id=30351

- https://access.redhat.com/errata/RHSA-2022:1643

- https://www.cve.org/CVERecord?id=CVE-2022-25235

Resolution

SRPMS

- 8/core/xmlrpc-c-1.51.06-1.1.mga8

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 15 May 2022
URL: https://advisories.mageia.org/MGASA-2022-0183.html
Type: security
CVE: CVE-2022-25235

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.