FEDORA-2018-1ec08a2143

security update in Fedora 26 for xmlrpc

Status: obsolete

Security fix for CVE-2016-5003, CVE-2016-5002

Comments 3

This update has been submitted for testing by msimacek.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
obsolete
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted a year ago
in testing a year ago

Related Bugs 4

00 #1508110 CVE-2016-5002 xmlrpc: XML external entity vulnerability SSRF via a crafted DTD
00 #1508111 CVE-2016-5002 xmlrpc: XML external entity vulnerability SSRF via a crafted DTD [fedora-all]
00 #1508123 CVE-2016-5003 xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag</ex:serializable>
00 #1508124 CVE-2016-5003 xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag [fedora-all]</ex:serializable>

Automated Test Results