Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1397)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1397 advisory. A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives...