Ubuntu 6415 Published by

A XML Security Library security update has been released for Ubuntu Linux 16.04 ESM.



USN-5674-1: XML Security Library vulnerability


==========================================================================
Ubuntu Security Notice USN-5674-1
October 13, 2022

xmlsec1 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

XML Security Library could be made to crash if it opened a specially
crafted file.

Software Description:
- xmlsec1: XML security command line processor

Details:

It was discovered that XML Security Library incorrectly handled certain
input documents. An attacker could possibly use this issue to obtain
sensitive information or cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libxmlsec1 1.2.20-2ubuntu4+esm1
xmlsec1 1.2.20-2ubuntu4+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5674-1
CVE-2017-1000061