(RHSA-2018:2317) Moderate: xmlrpc security update

ID RHSA-2018:2317
Type redhat
Reporter RedHat
Modified 2018-07-31T21:25:10


XML-RPC is a way to make remote procedure calls over the Internet. It converts procedure calls into XML documents, sends them to a remote server using the HTTP protocol, and gets back the response as XML.

The following packages have been upgraded to a later upstream version: xmlrpc (3.1.3). (BZ#1594618)

Security Fix(es):

  • xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag (CVE-2016-5003)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.