It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.
{ "availability": "No subscription required", "binaries": [ { "libxml2": "2.9.1+dfsg1-3ubuntu4.4", "libxml2-dev": "2.9.1+dfsg1-3ubuntu4.4", "libxml2-utils": "2.9.1+dfsg1-3ubuntu4.4", "libxml2-doc": "2.9.1+dfsg1-3ubuntu4.4", "libxml2-dbg": "2.9.1+dfsg1-3ubuntu4.4", "libxml2-utils-dbg": "2.9.1+dfsg1-3ubuntu4.4", "libxml2-udeb": "2.9.1+dfsg1-3ubuntu4.4", "python-libxml2-dbg": "2.9.1+dfsg1-3ubuntu4.4", "python-libxml2": "2.9.1+dfsg1-3ubuntu4.4" } ] }