Debian Security Advisory
DSA-2978-1 libxml2 -- security update
- Date Reported:
- 11 Jul 2014
- Affected Packages:
- libxml2
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-0191.
- More information:
-
Daniel P. Berrange discovered a denial of service vulnerability in libxml2 entity substitution.
For the stable distribution (wheezy), this problem has been fixed in version 2.8.0+dfsg1-7+wheezy1.
For the unstable distribution (sid), this problem has been fixed in version 2.9.1+dfsg1-4.
We recommend that you upgrade your libxml2 packages.