From Mageia wiki
Jump to: navigation, search

MGASA-2012-0157

Date: July 10th, 2012
Affected releases: 1, 2


Description:
Updated python-feedparser package fixes security vulnerability:

Universal Feed Parser (aka feedparser or python-feedparser) before
5.1.2 allows remote attackers to cause a denial of service (memory
consumption) via a crafted XML ENTITY declaration in a non-ASCII
encoded document (CVE-2012-2921).


Updated Packages:
Mageia 1:
python-feedparser-5.1.2-1.mga1

Mageia 2:
python-feedparser-5.1.2-1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2921
http://www.ubuntu.com/usn/usn-1449-1/
https://bugs.mageia.org/show_bug.cgi?id=6510