Mageia 2021-0144: xmlgraphics-commons security update
Summary
The Apache XML Graphics Commons library is vulnerable to SSRF via the XMPParser
that allow an attacker to cause the underlying server to make arbitrary GET
requests (CVE-2020-11988).
References
- https://bugs.mageia.org/show_bug.cgi?id=28440
- https://www.openwall.com/lists/oss-security/2021/02/24/1
- https://xmlgraphics.apache.org/security.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11988
Resolution
MGASA-2021-0144 - Updated xmlgraphics-commons packages fix a security vulnerability
SRPMS
- 7/core/xmlgraphics-commons-2.6-1.mga7
- 8/core/xmlgraphics-commons-2.6-1.mga8