From Mageia wiki
MGASA-2012-0157
Date: | July 10th, 2012 |
Affected releases: | 1, 2 |
Description:
Updated python-feedparser package fixes security vulnerability:
Universal Feed Parser (aka feedparser or python-feedparser) before
5.1.2 allows remote attackers to cause a denial of service (memory
consumption) via a crafted XML ENTITY declaration in a non-ASCII
encoded document (CVE-2012-2921).
Updated Packages:
Mageia 1:
python-feedparser-5.1.2-1.mga1
Mageia 2:
python-feedparser-5.1.2-1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2921
http://www.ubuntu.com/usn/usn-1449-1/
https://bugs.mageia.org/show_bug.cgi?id=6510