Advisories » MGASA-2018-0381

Updated xml-security-c packages fix security vulnerability

Publication date: 21 Sep 2018
Modification date: 21 Sep 2018
Type: security
Affected Mageia releases : 6

Description

It was discovered that the Apache XML Security for C++ library performed
insufficient validation of KeyInfo hints, which could result in denial of
service via NULL pointer dereferences when processing malformed XML data.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23401
• https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-491

SRPMS

6/core

• xml-security-c-1.7.3-2.1.mga6