Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 616
Alerts This Week
Warning Icon 1 616

Ubuntu 16.04 ESM USN-5674-1: Critical XML Library DoS Issue

ubuntu
Calendar Grey October 13, 2022
Dist Ubuntu Esm H88
A critical vulnerability exists in the XML Security Library on Ubuntu 16.04 ESM. It can lead to system crashes and data leakage, requiring immediate patching and assessments.
XML Security Library could be made to crash if it opened a specially crafted file.

Summary

XML Security Library could be made to crash if it opened a specially

crafted file.

Software Description:

- xmlsec1: XML security command line processor

Details:

It was discovered that XML Security Library incorrectly handled certain

input documents. An attacker could possibly use this issue to obtain

sensitive information or cause a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   libxmlsec1                      1.2.20-2ubuntu4+esm1
   xmlsec1                         1.2.20-2ubuntu4+esm1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5674-1

CVE-2017-1000061

Severity
critical
Lowest
Low
Medium
High
Critical

October 13, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.