| Package | xmltooling |
|---|---|
| Version | 1.4.2-5+deb7u4 |
| Related CVEs | CVE-2019-9628 |
Ross Geerlings discovered that the XMLTooling library did not correctly handle exceptions for malformed XML declarations, which could result in denial of service against the application using XMLTooling.
For Debian 7 Wheezy, these problems have been fixed in version 1.4.2-5+deb7u4.
We recommend that you upgrade your xmltooling packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.