Debian 10261 Published by

A xmltooling security update has been released for Debian GNU/Linux 8 Extended LTS to address an issue that may result in server-side request forgery.



ELA-877-1 xmltooling security update

Package : xmltooling
Version : 1.5.3-2+deb8u5 (jessie)

Jurien de Jong discovered that the parsing of KeyInfo elements within the
XMLTooling library may result in server-side request forgery.

ELA-877-1 xmltooling security update