-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2988-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz May 01, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : tinyxml Version : 2.6.2-4+deb9u1 CVE ID : CVE-2021-42260 An issue has been found in tinyxml, a C++ XML parsing library. Crafted XML messages could lead to an infinite loop in TiXmlParsingData::Stamp(), which results in a denial of service. For Debian 9 stretch, this problem has been fixed in version 2.6.2-4+deb9u1. We recommend that you upgrade your tinyxml packages. For the detailed security status of tinyxml please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tinyxml Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmJtt05fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEcUNg/9F8Z7tLXOn52x0WtiIhpcXbkBBXXNBAcpo7ctSRynwBArEJsJNZoyHudj m3QvIWdusgOvFPMsdhhLW85y3BlcWjLURoVmuI/6LbbzYXUqKnA8gwUxPS6AeolJ bjJLelwkRk3grU5aiEjRP6/oXqnAJANU9O9fTahcRgD0pP2onJfajPQyPYuSY/3+ tSszsxVrgsimtK55NC+mg+oNanAaISlLN8wFYBq9nLBtHHUwMlSR/J3t5eJ85hfn gqzgLXAG3j2SC0qkGrL4lDZiCWhoRHZvFV8lciC32UHxvcxtxBAjrXIkST+zbLTy BrUNX2vCBS6Bj7Z9SqybxpJU5Xh62S4ALdTiLLlCy683sbzCuJmUyuW4HjL+XXy+ 5t/qg4rHv/CdmgfAE5vcpEgSD0Fjl0t00TM8jfUz5VktG3XAmxjNHRhHksSf8fBZ t5uDMVJlx3ybjMDvIawrJPKmUB/mO0IoiFnRWLcMrr2lK8cNBvQSNlRS5PGyMx8x LdzAd2QikNqrL5sCVvlxE0zstnfAYgwSy84c64FYqQ4axjEA7+Ps8Knoih1XKSH9 kDwjiIumlwDQLT6qhFUT18Gy/dtcXdYAvhd3aZQSomapAHDRCpfSg49DY2mrlCdv n5vQitWoIKpn+uX4y38x9Uvbeqce0lScX0bgoUFjYi7nRcVv5d0= =MD82 -----END PGP SIGNATURE-----
