Advisories » MGASA-2026-0063

Updated perl-XML-Parser packages fix security vulnerabilities

Publication date: 24 Mar 2026
Modification date: 24 Mar 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2006-10002 , CVE-2006-10003

Description

XML::Parser versions through 2.47 for Perl could overflow the
pre-allocated buffer size causing a heap corruption (double free or
corruption) and crashes. (CVE-2006-10002)
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer
overflow in st_serial_stack. (CVE-2006-10003)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35238
• https://www.openwall.com/lists/oss-security/2026/03/19/1
• https://www.openwall.com/lists/oss-security/2026/03/19/2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-10002
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-10003

SRPMS

9/core

• perl-XML-Parser-2.460.0-6.1.mga9