USN-5674-1: XML Security Library vulnerability
==========================================================================
Ubuntu Security Notice USN-5674-1
October 13, 2022
xmlsec1 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
XML Security Library could be made to crash if it opened a specially
crafted file.
Software Description:
- xmlsec1: XML security command line processor
Details:
It was discovered that XML Security Library incorrectly handled certain
input documents. An attacker could possibly use this issue to obtain
sensitive information or cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
libxmlsec1 1.2.20-2ubuntu4+esm1
xmlsec1 1.2.20-2ubuntu4+esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5674-1
CVE-2017-1000061
A XML Security Library security update has been released for Ubuntu Linux 16.04 ESM.
