PT-2016-7949 · Mageia · Mageia

Published

2016-03-07

·

Updated

2016-03-07

None

No severity ratings or metrics are available. When they become available, we will update the corresponding information on this page.

Name of the Vulnerable Software and Affected Versions

exempi (affected versions not specified)
exiv2 (affected versions not specified)

Description

The issue is related to XML entity expansion, also known as a "billion laughs attack", which can lead to a denial-of-service attack. The exempi and exiv2 packages contain code to protect against this attack, but it was not compiled into the Mageia package due to the BanAllEntityUsage macro not being defined.

Recommendations

For exempi, recompile the package with the BanAllEntityUsage macro defined to protect against the denial-of-service attack. For exiv2, recompile the package with the BanAllEntityUsage macro defined to protect against the denial-of-service attack.
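
The difference the missing protection makes, as an added example that is not code from exempi, exiv2 or Mageia: Python's standard-library expat binding stands in for the packages' XML parsing, and the `ban_all_entity_usage` flag is a hypothetical runtime stand-in for the compile-time BanAllEntityUsage macro. The sample documents are constructed and deliberately small.

```python
import xml.parsers.expat as expat


class EntityUsageBanned(Exception):
    """Raised when a document declares any DTD entity."""


def expanded_text_length(data: bytes, ban_all_entity_usage: bool) -> int:
    """Parse `data` and return how many characters of text the parser delivered.

    ban_all_entity_usage is a hypothetical runtime stand-in for the
    compile-time BanAllEntityUsage macro named in the advisory.
    """
    parser = expat.ParserCreate()
    delivered = 0

    def on_text(chunk):
        nonlocal delivered
        delivered += len(chunk)

    def on_entity_decl(name, is_param, value, base, system_id, public_id, notation):
        # Abort at the declaration, before any reference can be expanded.
        raise EntityUsageBanned(f"entity declaration {name!r} rejected")

    parser.CharacterDataHandler = on_text
    if ban_all_entity_usage:
        parser.EntityDeclHandler = on_entity_decl
    parser.Parse(data, True)
    return delivered


# Constructed sample: three nested entities, kept small (10 * 10 * 10 characters).
NESTED = (
    b'<!DOCTYPE x [\n'
    b'<!ENTITY a "0123456789">\n'
    b'<!ENTITY b "' + b"&a;" * 10 + b'">\n'
    b'<!ENTITY c "' + b"&b;" * 10 + b'">\n'
    b']>\n<x>&c;</x>'
)
# Constructed sample: ordinary metadata with no DTD.
BENIGN = b'<x><title>holiday photo</title></x>'

if __name__ == "__main__":
    print(len(NESTED), "bytes in ->", expanded_text_length(NESTED, False), "chars out")
    try:
        expanded_text_length(NESTED, True)
    except EntityUsageBanned as exc:
        print("rejected:", exc)
```

With the flag off the parser expands every nested reference, so output grows multiplicatively with each entity level; with it on, parsing stops at the first declaration and documents without a DTD are unaffected.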

Related identifiers

MGASA-2016-0101

Affected products

Mageia