Debian has issued an advisory on November 19: https://www.debian.org/security/2017/dsa-4042 Mageia 5 and Mageia 6 are also affected.
Assigning to the registered maintainer.
Whiteboard: (none) => MGA6TOO, MGA5TOOCC: (none) => marja11Assignee: bugsquad => shlomif
Source RPM: perl-libxml-perl-0.80.0-8.mga6.src.rpm => perl-XML-LibXMLSummary: perl-libxml-perl new security issue CVE-2017-10672 => perl-XML-LibXML new security issue CVE-2017-10672
The correct package in mageia is perl-XML-LibXML and I am its upstream maintainer.
The version in cauldron already includes the fix.
Whiteboard: MGA6TOO, MGA5TOO => MGA5TOOVersion: Cauldron => 6
seems like a duplicate of https://bugs.mageia.org/show_bug.cgi?id=21332 . *** This bug has been marked as a duplicate of bug 21332 ***
Resolution: (none) => DUPLICATEStatus: NEW => RESOLVED
Ahh yes, good catch. Debian's naming of their perl packages is horribly unhelpful.