Updated xml-security packages fix CVE-2013-4517
Publication date: 31 Dec 2014Modification date: 31 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2013-4517
Description
Updated xml-security packages fixes security vulnerability:
Apache Santuario XML Security for Java before 1.5.6, when applying
Transforms, allows remote attackers to cause a denial of service (memory
consumption) via crafted Document Type Definitions (DTDs), related to
signatures (CVE-2013-4517).
References
SRPMS
4/core
- xml-security-1.5.7-1.mga4