Updated xml-security package fixes security vulnerability
Publication date: 06 Jan 2014Type: security
Affected Mageia releases : 3
CVE: CVE-2013-2172
Description
James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures (CVE-2013-2172).
References
SRPMS
3/core
- xml-security-1.5.5-1.mga3