-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3130-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 01, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : tinyxml Version : 2.6.2-4+deb10u1 CVE ID : CVE-2021-42260 An issue has been found in tinyxml, a C++ XML parsing library. Crafted XML messages could lead to an infinite loop in TiXmlParsingData::Stamp(), which results in a denial of service. For Debian 10 buster, this problem has been fixed in version 2.6.2-4+deb10u1. We recommend that you upgrade your tinyxml packages. For the detailed security status of tinyxml please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tinyxml Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmM3eKVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEePGw/8DQcXp1Jyc28yRb84ky8VJnyWHH7F5fDuRMKEqLv8kGeAea3251c1fTH/ vgwJbrvNuau3A3LUslVahkEoLfzPd801c1AlBH1ielJGmkns3KTOoRFGqEROnLgf O0WWlhjRtE4g+z/9GiVhZa44gBhwxftxzvEUxg+vScA1kzAKJB5OstUb4JJms8lF YvOmUpDBoIryl3fRfKHf4AqF+0heDerCqf1Va+1bdM34i86H0sBJuJYU+W5WW0j8 vNC2l7jcZyFkp/QdS+rzoWEBRfrFryM6yP6iA2o13cXAv/t15S3aDle2bRvUHjwz mwxrZTX47T8PnzH4c+DM6WVcuOsGRvpmZaPBgwQHbljtVj3GnuYdXMwvwP9oEZxT oYjuqxe8/sAqQMebYcxVzL7H15uztS9ZnE0bZ0tUhIYZM1DMgTSISoL5mTNClk0J nqINNIc4X5a7y9HOuItSluOAZmL0ovAuiAgj7GtePftEHlLEDOxOKovbl1uSTUfD rHzJQ1BX1+H1QDbP5o+lqrBu2NDon3nWOF3PgyGqqkUDs0y9MgJUwe9ZgroJom6O CGqYXfGd6VxlvHpGhC0RX2pcXukkNobzn2Jk+iSj1ro77dVSvdIVNU29CmjYKp+r OOJ9IKDL0ZcxNZ+vEcxP0b8+fg4oZCvzZAQ9edU1fWRM2gh7fDk= =GrEH -----END PGP SIGNATURE-----
