Ubuntu 6415 Published by

A XML Security Library security update has been released for Ubuntu Linux 16.04 ESM.

USN-5674-1: XML Security Library vulnerability

Ubuntu Security Notice USN-5674-1
October 13, 2022

xmlsec1 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM


XML Security Library could be made to crash if it opened a specially
crafted file.

Software Description:
- xmlsec1: XML security command line processor


It was discovered that XML Security Library incorrectly handled certain
input documents. An attacker could possibly use this issue to obtain
sensitive information or cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libxmlsec1 1.2.20-2ubuntu4+esm1
xmlsec1 1.2.20-2ubuntu4+esm1

In general, a standard system update will make all the necessary changes.