The 14.04 LTS xmltooling package shows up on http://people.canonical.com /~ubuntu-security/d2u/ so there's a good chance we'll release a fakesync from Debian to address this for trusty, but other releases will need someone from the community to prepare and test a debdiff. Once it's ready, attach it here, and subscribe ubuntu-security-sponsors.
Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1752306 Title: Security bug in XMLTooling-C before 1.6.4 [CVE-2018-0489] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmltooling/+bug/1752306/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
