Updated xmltooling packages has been released for Debian 6 LTS
Package : xmltooling
Version : 1.3.3-2+deb6u1
CVE ID : CVE-2015-0851
Debian Bug : 793855
Shibboleth SP software crashes on well-formed but invalid XML
Another upload for opensaml2 is needed to really solve this
issue. This will be done shortly.