Explore top 10 tips to secure your open-source projects now. Read More
×
XML::LibXML could be made to expose sensitive information.
Software Description:
- libxml-libxml-perl: Perl interface to the libxml2 library
Details:
Tilmann Haak discovered that XML::LibXML incorrectly handled the
expand_entities parameter in certain situations. A remote attacker could
possibly use this issue to access sensitive information.
The problem can be corrected by updating your system to the following package versions: Ubuntu 15.04: libxml-libxml-perl 2.0116+dfsg-1ubuntu0.15.04.1 Ubuntu 14.10: libxml-libxml-perl 2.0116+dfsg-1ubuntu0.14.10.1 Ubuntu 14.04 LTS: libxml-libxml-perl 2.0108+dfsg-1ubuntu0.1 Ubuntu 12.04 LTS: libxml-libxml-perl 1.89+dfsg-1ubuntu0.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-2592-1
CVE-2015-3451
Get the latest Linux and open source security news straight to your inbox.