ELA-466-1 libjdom1-java security update

XML External Entity (XXE) vulnerability

2021-08-04
Packagelibjdom1-java
Version1.1.3-1+deb8u1
Related CVEs CVE-2021-33813

It was discovered that there was an XML External Entity (XXE) issue in libjdom1-java, a library for reading and manipulating XML documents. Attackers could have caused a denial of service attack via a specially-crafted HTTP request.

For Debian 8 jessie, these problems have been fixed in version 1.1.3-1+deb8u1.

We recommend that you upgrade your libjdom1-java packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/