Updated libxml2 packages fix a security vulnerability
Publication date: 30 Sep 2023Modification date: 30 Sep 2023
Type: security
Affected Mageia releases : 8 , 9
CVE: CVE-2023-39615
Description
The updated packages fix a security vulnerability: Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. (CVE-2023-39615).
References
SRPMS
8/core
- libxml2-2.9.10-7.8.mga8
9/core
- libxml2-2.10.4-1.1.mga9