-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2696-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb June 29, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : libjdom2-java Version : 2.0.6-1+deb9u1 CVE ID : CVE-2021-33813 It was discovered that there was an XML External Entity (XXE) issue in libjdom2-java, a library for reading and manipulating XML documents. Attackers could have caused a denial of service attack via a specially-crafted HTTP request. For Debian 9 "Stretch", this problem has been fixed in version 2.0.6-1+deb9u1. We recommend that you upgrade your libjdom2-java packages. For the detailed security status of libjdom2-java please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libjdom2-java Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmDbAAEACgkQHpU+J9Qx HlhR0Q/9Gc2phd5wpPcCixL5yCYso1WhEvnUYWXVtEcTLf4PRRK/IbNDnBknv4Fz 1aW5CfkX9G55cMQUE3VcKxIyvygRlNlfgcnP39s7whtuCmPYsCgL6ycw/2a1Q2Lw fAYkPECsfhhs0i3lur3lS3scCEWHrAVrg0Bt19/22fNvxlYoybuEe7xApR617CCA utcZd2lkedGHHAFbTSs8haQIy4ennlMSaBrWAIe3mogsJWdeBYTHPmiwMuLj0ISG 7CETMG82yraPBcCGtFIaKDvWuInnHcxkZ2m8v6oohZ5JM2zCcnnzQe2qow6E7N7l +QdUt7uD03KLEaIzIjM800PlhdODxt3rXPrZwEDKyxiFFthb+VE7rIx32qQHgROm 5mLs5mmhzO0tJvEMn485GVwtJkmg56EgSfhhs6gbpkCN13bHsMp1RiuV1PipeiVo qfv/uxjK9S/W0KYYz3bTOLwmKHDMhzxJyFwcyOIjoaB3gzS/stpEU4wycefgx1mw gB3uwerFqLGmYXEjRw2IV7rM8OULze7ODbbNSYtVoDdaViik0LBATpZ/0IiY/AkI CfM7vMyS2vk7jLkbEdnGfpm5Cel4ZW7HFxrJhnC9uPO2OtWYc892vmNx4Im5eBLg VlvITE7GofIPNuBf/FptVYULRIxGUn5LvG8BouzK8bYDDYwyDdU= =yKZF -----END PGP SIGNATURE-----
