MDVSA-2014:086 -- Mandriva libxml2ID: oval:org.secpod.oval:def:1300301 | Date: (C)2014-06-11 (M)2022-10-10 |
Class: PATCH | Family: unix |
Updated libxml2 packages fix security vulnerability: It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially-crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors .
Platform: |
Mandriva Enterprise Server 5.2 |