Debian 10260 Published by

A libjdom2-java security update has been released for Debian GNU/Linux 8 Extended LTS to address a denial of service security issue.



ELA-449-1 libjdom2-java security update

Package libjdom2-java
Version 2.0.6-1+deb9u1
Related CVEs CVE-2021-33813

It was discovered that there was an XML External Entity (XXE) issue in libjdom2-java, a library for reading and manipulating XML documents. Attackers could have caused a denial of service attack via a specially-crafted HTTP request.

For Debian 8 Jessie, these problems have been fixed in version 2.0.6-1+deb9u1.

We recommend that you upgrade your libjdom2-java packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-449-1 libjdom2-java security update