[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 214-1] libxml-libxml-perl security update



Package        : libxml-libxml-perl
Version        : 1.70.ds-1+deb6u1
CVE ID         : CVE-2015-3451
Debian Bug     : 783443

In some cases, XML::LibXML did not respect the request to disable entities
expansion. Applications handling untrusted XML files can then be tricked
into disclosing the content of local files.

In Debian 6 “Squeeze”, this issue has been fixed in libxml-libxml-perl
version 1.70.ds-1+deb6u1.

-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Attachment: signature.asc
Description: Digital signature


Reply to: