Updated jackson-dataformat-xml packages fix CVE-2016-3720
Publication date: 13 May 2016Modification date: 13 May 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-3720
Description
Updated jackson-dataformat-xml packages fix security vulnerability: It was reported that XmlMapper in jackson-dataformat-xml is vulnerable to XXE attack ("Improper Restriction of XML External Entity Reference") (CVE-2016-3720).
References
SRPMS
5/core
- jackson-dataformat-xml-2.4.3-3.1.mga5