MGASA-2022-0084 - Updated libxml2 packages fix security vulnerability

Publication date: 06 Mar 2022
URL: https://advisories.mageia.org/MGASA-2022-0084.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF
attributes. (CVE-2022-23308)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30094
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/MVLDYFVW63Y6ZSHIC6VGRIM6UJ6XLSR4/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308

SRPMS:
- 8/core/libxml2-2.9.10-7.3.mga8