Mandriva Linux Security Advisory 2009-219 – A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Additionally on 2009.0 a patch was added to prevent kompozer from crashing (#44830), on 2009.1 a format string patch was added to make it build with the -Wformat -Werror=format-security gcc optimization switch added in 2009.1 This update fixes these issues.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/80576/MDVSA-2009-219.txt
Source: https://packetstormsecurity.com/files/80576/Mandriva-Linux-Security-Advisory-2009-219.html