Advisories » MGASA-2026-0137

Updated perl-XML-LibXML packages fix security vulnerability

Publication date: 14 May 2026
Modification date: 14 May 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-8177

Description

XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap
memory when parsing XML node names containing truncated UTF-8 byte
sequences. (CVE-2026-8177)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35507
• https://www.openwall.com/lists/oss-security/2026/05/10/8
• https://github.com/cpan-authors/XML-LibXML/issues/146
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8177

SRPMS

9/core

• perl-XML-LibXML-2.20.800-3.1.mga9