Mandriva: 2013:156: apache-mod_security

LinuxSecurity.com: A vulnerability has been found and corrected in apache-mod_security:
ModSecurity before 2.7.3 allows remote attackers to read arbitrary
files, send HTTP requests to intranet servers, or cause a denial
of service (CPU and memory consumption) via an XML external entity
[More...]