The updated packages fix a security vulnerability: StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a ‘\0’ located after whitespace. (CVE-2023-34194)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | tinyxml | < 2.6.2-14.1 | tinyxml-2.6.2-14.1.mga9 |