ELA-92-1 xmltooling security update

denial-of-service

Packagexmltooling
Version1.4.2-5+deb7u4
Related CVE CVE-2019-9628

Ross Geerlings discovered that the XMLTooling library did not correctly handle exceptions for malformed XML declarations, which could result in denial of service against the application using XMLTooling.

For Debian 7 Wheezy, these problems have been fixed in version 1.4.2-5+deb7u4.

We recommend that you upgrade your xmltooling packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/