Source: xerces-c Version: 3.1.1-3 Severity: important Tags: security upstream patch fixed-upstream
Hi, the following vulnerability was published for xerces-c. CVE-2016-4463[0]: Apache Xerces-C XML Parser Crashes on Malformed DTD If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-4463 [1] https://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt Note that I have already prepared the corresponding debdiffs for jessie-security (and since was basically the same as well for wheezy lts). Regards, Salvatore