Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.
{ "availability": "No subscription required", "binaries": [ { "libxml2-dev": "2.9.1+dfsg1-3ubuntu4.11", "libxml2-utils-dbgsym": "2.9.1+dfsg1-3ubuntu4.11", "python-libxml2-dbgsym": "2.9.1+dfsg1-3ubuntu4.11", "libxml2-utils": "2.9.1+dfsg1-3ubuntu4.11", "libxml2-doc": "2.9.1+dfsg1-3ubuntu4.11", "python-libxml2": "2.9.1+dfsg1-3ubuntu4.11", "libxml2": "2.9.1+dfsg1-3ubuntu4.11", "libxml2-udeb-dbgsym": "2.9.1+dfsg1-3ubuntu4.11", "python-libxml2-dbg": "2.9.1+dfsg1-3ubuntu4.11", "libxml2-dbgsym": "2.9.1+dfsg1-3ubuntu4.11", "libxml2-utils-dbg": "2.9.1+dfsg1-3ubuntu4.11", "libxml2-dev-dbgsym": "2.9.1+dfsg1-3ubuntu4.11", "libxml2-dbg": "2.9.1+dfsg1-3ubuntu4.11", "libxml2-udeb": "2.9.1+dfsg1-3ubuntu4.11" } ] }
{ "availability": "No subscription required", "binaries": [ { "libxml2": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-udeb-dbgsym": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-dev": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-utils-dbgsym": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-dbg": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-utils": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-doc": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-dev-dbgsym": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-dbgsym": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-udeb": "2.9.3+dfsg1-1ubuntu0.4", "libxml2-utils-dbg": "2.9.3+dfsg1-1ubuntu0.4", "python-libxml2": "2.9.3+dfsg1-1ubuntu0.4", "python-libxml2-dbg": "2.9.3+dfsg1-1ubuntu0.4" } ] }