Univention Bugzilla – Bug 37745
libxml2: Denial of service (4.0)
Last modified: 2015-05-07 17:42:11 CEST
Denial of source due to unlimited expansion of external entities (CVE-2014-0191)
Denial of service through unlimited entity expansion (CVE-2014-3660)
A fix for this and the regession fix is now upstream as 2.8.0+dfsg1-7+wheezy4 (DSA-3057-2).
Upstream version 2.8.0+dfsg1-7+wheezy4 has been imported and built in errata4.0-1.