Mandriva Linux Security Advisory : batik (MDVSA-2015:203)
Medium Nessus Plugin ID 82738
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated batik packages fix security vulnerability :
Nicolas Gregoire and Kevin Schaller discovered that Batik would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files or cause resource consumption (CVE-2015-0250).
SolutionUpdate the affected packages.