Updated xerces-c packages fix security vulnerability
Publication date: 20 May 2016Modification date: 20 May 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-2099
Description
Gustavo Grieco discovered an use-after-free vulnerability in xerces-c, due to not properly handling invalid characters in XML input documents in the DTDScanner (CVE-2016-2099).
References
SRPMS
5/core
- xerces-c-3.1.2-1.2.mga5