Advisories ยป MGASA-2023-0279

Updated libxml2 packages fix a security vulnerability

Publication date: 30 Sep 2023
Type: security
Affected Mageia releases : 8 , 9
CVE: CVE-2023-39615

Description

The updated packages fix a security vulnerability:

Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability
allows attackers to cause a Denial of Service (DoS) via supplying a
crafted XML file. (CVE-2023-39615).
                

References

SRPMS

9/core

8/core