An updated xerces-c package that fixes one security issue is now availablefor Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having Moderate securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.

Xerces-C is a validating XML parser written in a portable subset of C++.A flaw was found in the way the Xerces-C XML parser processed certain XMLdocuments. A remote attacker could provide specially crafted XML inputthat, when parsed by an application using Xerces-C, would cause thatapplication to crash. (CVE-2015-0252)All xerces-c users are advised to upgrade to this updated package, whichcontains a backported patch to correct this issue.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
xerces-c-3.1.1-7.el7_1.src.rpm
    MD5: d429522aeb6320366b20271fbb64a90fSHA-256: 0b216f5be3705a4a9b2b2dee5b4b360938fc878c7a43e4812b2d2760808a4d79
 
x86_64:
xerces-c-3.1.1-7.el7_1.i686.rpm
    MD5: dad05258a488568a4b3d506c62e5e7c2SHA-256: 64c703957535ea5fae457d2e74015a96fe96bfd1ecaaaf4a6bd10d84f6110310
xerces-c-3.1.1-7.el7_1.x86_64.rpm
    MD5: 97111a0c738de8db92de239539212e1bSHA-256: 4841bd969a087b9d2561dda0957dc719f7c4fb281e545645bd87361210ff6175
xerces-c-debuginfo-3.1.1-7.el7_1.i686.rpm
    MD5: 50392a5bc3d7ff28aae3202e1da78af4SHA-256: 648075f4265a75f3030f87c79ed93b760b7cd78b6f0336ddf84a48d352c60f36
xerces-c-debuginfo-3.1.1-7.el7_1.x86_64.rpm
    MD5: 791ab590d6d07c8235e72a780b0a4039SHA-256: 467813a9c68fc8ac2f1e966c8db3a682d69e2e536676c1bd990fabbcdbdadd8d
xerces-c-devel-3.1.1-7.el7_1.i686.rpm
    MD5: 9e3b14a837cc9793b4396949d9177078SHA-256: 2a9b981a486a6d3919c85712e186c6c0d7020e49baaee79007feab691d41dc1a
xerces-c-devel-3.1.1-7.el7_1.x86_64.rpm
    MD5: 1f7bd4fc332bf0d96c38742f60178e64SHA-256: 8ead9061facd512519d7bcc7998f398ab519f181f1401dbf82092fcae7699d66
xerces-c-doc-3.1.1-7.el7_1.noarch.rpm
    MD5: ed0bec34892dc99c851231993af310daSHA-256: 3f5bcb70bcfa56713a87b5acdc7b0a5e7e1e8a7f618af2f294e685c9355e4c39
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
xerces-c-3.1.1-7.el7_1.src.rpm
    MD5: d429522aeb6320366b20271fbb64a90fSHA-256: 0b216f5be3705a4a9b2b2dee5b4b360938fc878c7a43e4812b2d2760808a4d79
 
PPC:
xerces-c-3.1.1-7.el7_1.ppc.rpm
    MD5: 32c8a3036bf1940c447bc3408d3ca3a9SHA-256: b1ed0e0b422079076fc6d73c37f4c2f811d771fc19fe3453fb73e88dc080a311
xerces-c-3.1.1-7.el7_1.ppc64.rpm
    MD5: bbe947a9177655153947a3bc93c78c9dSHA-256: 2c9ebc603d49e6b618d3be2c2762752f601e6ebd34a77411d13733bb687773d0
xerces-c-debuginfo-3.1.1-7.el7_1.ppc.rpm
    MD5: 65e51513987496dc657554fbae752d49SHA-256: 8ed6ba276d7018d2fc52295cc81453c65159ae9ce43ca922022dd54029dd75a6
xerces-c-debuginfo-3.1.1-7.el7_1.ppc64.rpm
    MD5: 3d7d9abe3179ce5cb541507c51e4ef1aSHA-256: af0f635604a387cb76df41b531fc38780120eacd699afed53337cd729b093b7e
xerces-c-devel-3.1.1-7.el7_1.ppc.rpm
    MD5: 3fa70f33a00c4b0cc33749be3d8d80b1SHA-256: 223f1271b493548749e05a715573ccfad6b34b3eeeb96cd919c46e0d5c9022b8
xerces-c-devel-3.1.1-7.el7_1.ppc64.rpm
    MD5: 30cbafc691a0d41c8194a9fe94b90075SHA-256: 37dee08516b46e40c1c1c15b6fb31c89b3b9a063595de0c39ca84ca77f25d87c
xerces-c-doc-3.1.1-7.el7_1.noarch.rpm
    MD5: ed0bec34892dc99c851231993af310daSHA-256: 3f5bcb70bcfa56713a87b5acdc7b0a5e7e1e8a7f618af2f294e685c9355e4c39
 
s390x:
xerces-c-3.1.1-7.el7_1.s390.rpm
    MD5: 0f85939a87704f577fd612523a41630bSHA-256: 7316dd1427f16bec5c76504159d7361736ba9c9a92d0cd9260ea25869f420f23
xerces-c-3.1.1-7.el7_1.s390x.rpm
    MD5: 1d34e19322bf5b13382b501f6f743734SHA-256: 660f07ba19915b755df1611fb08d531c6c0f655ea763bcb91151d55805b85967
xerces-c-debuginfo-3.1.1-7.el7_1.s390.rpm
    MD5: 658fca3a69a7fc42fdb44d808bbc2dcfSHA-256: ad253e11b6a2abe546994236251e9072c75f136fb2cf2574d834c533254788f6
xerces-c-debuginfo-3.1.1-7.el7_1.s390x.rpm
    MD5: cdee8db0f222acd08e5b8c2d3baefb1dSHA-256: d039f93f582a55dbd11c957d1b3d3b82af5ef221933c49f5c0a463fc4141a5d1
xerces-c-devel-3.1.1-7.el7_1.s390.rpm
    MD5: 9e3204d7ce77e2559f1d4acc68ce1604SHA-256: ce1172d9a9603c257b9c07c84bd6e7bb4f5abdc5aa37b6bac314ededb77e7202
xerces-c-devel-3.1.1-7.el7_1.s390x.rpm
    MD5: 8ec3e3633ba40092e99d58a48597acbaSHA-256: 18e189b68f43f399be9b8edfc1048b908f0bc0eb80de3bb237c5dabf1d98ff34
xerces-c-doc-3.1.1-7.el7_1.noarch.rpm
    MD5: ed0bec34892dc99c851231993af310daSHA-256: 3f5bcb70bcfa56713a87b5acdc7b0a5e7e1e8a7f618af2f294e685c9355e4c39
 
x86_64:
xerces-c-3.1.1-7.el7_1.i686.rpm
    MD5: dad05258a488568a4b3d506c62e5e7c2SHA-256: 64c703957535ea5fae457d2e74015a96fe96bfd1ecaaaf4a6bd10d84f6110310
xerces-c-3.1.1-7.el7_1.x86_64.rpm
    MD5: 97111a0c738de8db92de239539212e1bSHA-256: 4841bd969a087b9d2561dda0957dc719f7c4fb281e545645bd87361210ff6175
xerces-c-debuginfo-3.1.1-7.el7_1.i686.rpm
    MD5: 50392a5bc3d7ff28aae3202e1da78af4SHA-256: 648075f4265a75f3030f87c79ed93b760b7cd78b6f0336ddf84a48d352c60f36
xerces-c-debuginfo-3.1.1-7.el7_1.x86_64.rpm
    MD5: 791ab590d6d07c8235e72a780b0a4039SHA-256: 467813a9c68fc8ac2f1e966c8db3a682d69e2e536676c1bd990fabbcdbdadd8d
xerces-c-devel-3.1.1-7.el7_1.i686.rpm
    MD5: 9e3b14a837cc9793b4396949d9177078SHA-256: 2a9b981a486a6d3919c85712e186c6c0d7020e49baaee79007feab691d41dc1a
xerces-c-devel-3.1.1-7.el7_1.x86_64.rpm
    MD5: 1f7bd4fc332bf0d96c38742f60178e64SHA-256: 8ead9061facd512519d7bcc7998f398ab519f181f1401dbf82092fcae7699d66
xerces-c-doc-3.1.1-7.el7_1.noarch.rpm
    MD5: ed0bec34892dc99c851231993af310daSHA-256: 3f5bcb70bcfa56713a87b5acdc7b0a5e7e1e8a7f618af2f294e685c9355e4c39
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
xerces-c-3.1.1-7.el7_1.src.rpm
    MD5: d429522aeb6320366b20271fbb64a90fSHA-256: 0b216f5be3705a4a9b2b2dee5b4b360938fc878c7a43e4812b2d2760808a4d79
 
x86_64:
xerces-c-3.1.1-7.el7_1.i686.rpm
    MD5: dad05258a488568a4b3d506c62e5e7c2SHA-256: 64c703957535ea5fae457d2e74015a96fe96bfd1ecaaaf4a6bd10d84f6110310
xerces-c-3.1.1-7.el7_1.x86_64.rpm
    MD5: 97111a0c738de8db92de239539212e1bSHA-256: 4841bd969a087b9d2561dda0957dc719f7c4fb281e545645bd87361210ff6175
xerces-c-debuginfo-3.1.1-7.el7_1.i686.rpm
    MD5: 50392a5bc3d7ff28aae3202e1da78af4SHA-256: 648075f4265a75f3030f87c79ed93b760b7cd78b6f0336ddf84a48d352c60f36
xerces-c-debuginfo-3.1.1-7.el7_1.x86_64.rpm
    MD5: 791ab590d6d07c8235e72a780b0a4039SHA-256: 467813a9c68fc8ac2f1e966c8db3a682d69e2e536676c1bd990fabbcdbdadd8d
xerces-c-devel-3.1.1-7.el7_1.i686.rpm
    MD5: 9e3b14a837cc9793b4396949d9177078SHA-256: 2a9b981a486a6d3919c85712e186c6c0d7020e49baaee79007feab691d41dc1a
xerces-c-devel-3.1.1-7.el7_1.x86_64.rpm
    MD5: 1f7bd4fc332bf0d96c38742f60178e64SHA-256: 8ead9061facd512519d7bcc7998f398ab519f181f1401dbf82092fcae7699d66
xerces-c-doc-3.1.1-7.el7_1.noarch.rpm
    MD5: ed0bec34892dc99c851231993af310daSHA-256: 3f5bcb70bcfa56713a87b5acdc7b0a5e7e1e8a7f618af2f294e685c9355e4c39
 
(The unlinked packages above are only available from the Red Hat Network)
1199103 – CVE-2015-0252 xerces-c: crashes on malformed input

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply