Updated log4net packages fix security vulnerabilityPublication date: 27 May 2020
Affected Mageia releases : 7
Updated log4net packages fix security vulnerability This patch fixes a security vulnerabiliy reported by Karthik Balasundaram. The security vulnerability was found in the way how log4net parses xml configuration files where it allowed to process XML External Entity Processing. An attacker could use this as an attack vector if he could modify the XML configuration file.