Univention Bugzilla – Bug 37745
libxml2: Denial of service (4.0)
Last modified: 2015-05-07 17:42:11 CEST
Denial of source due to unlimited expansion of external entities (CVE-2014-0191)
Denial of service through unlimited entity expansion (CVE-2014-3660) A fix for this and the regession fix is now upstream as 2.8.0+dfsg1-7+wheezy4 (DSA-3057-2).
Upstream version 2.8.0+dfsg1-7+wheezy4 has been imported and built in errata4.0-1. Advisory: 2015-04-08-libxml2.yaml
Tests: OK Advisory: OK
<http://errata.univention.de/ucs/4.0/191.html>