Advisories » MGASA-2021-0595

Updated python-lxml packages fix security vulnerability

Publication date: 30 Dec 2021
Modification date: 30 Dec 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-43818

Description

HTML Cleaner allows crafted and SVG embedded scripts to pass through
(CVE-2021-43818)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=29817
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43818

SRPMS

8/core

• python-lxml-4.6.5-1.mga8