python-pikepdf 2.10.0 fixed XML External Entity (XXE) processing vulnerability in PDF XMP metadata parsing. Upstream patch: https://github.com/pikepdf/pikepdf/commit/3f38f73218e5e782fe411ccbb3b44a793c0b343a References: https://github.com/pikepdf/pikepdf/blob/master/docs/release_notes.rst
Created python-pikepdf tracking bugs for this issue: Affects: fedora-all [bug 1945365]
*** This bug has been marked as a duplicate of bug 1946269 ***
Statement: This flaw was found to be a duplicate of CVE-2021-29421. Please see https://access.redhat.com/security/cve/CVE-2021-29421 for information about affected products and security errata.