Ubuntu 22.04 LTS USN-6590-1 critical: Xerces-C++ DoS flaws

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) - Ubuntu 14.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in Xerces-C++. Software Description: - xerces-c: Validating XML parser written in a portable subset of C++ Details: It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2018-1311) It was discovered that Xerces-C++ was not properly performing bounds checks when processing XML Schema Definition files, w...