xmltooling could be made to crash if it opened a specially crafted
file.
Software Description:
- xmltooling: C++ XML parsing library with encryption support
Details:
It was discovered that XMLTooling incorrectly handled certain XML files
with
invalid data. An attacker could use this issue to cause XMLTooling to
crash,
resulting in a denial of service.
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: libxmltooling8 3.0.2-1ubuntu1.1 Ubuntu 18.04 LTS: libxmltooling7 1.6.4-1ubuntu2.1 Ubuntu 16.04 LTS: libxmltooling6v5 1.5.6-2ubuntu0.3 Ubuntu 14.04 LTS: libxmltooling6 1.5.3-2+deb8u3ubuntu0.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-3921-1
CVE-2019-9628
Get the latest Linux and open source security news straight to your inbox.