Package: libxml2 Severity: serious Tags: security patch Hi,
The Netherlands Cyber Security Center announced an issue in libxml2. https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html It seems to be a variant of the classic 'billion laughs' vulnerability. Upstream has fixed this in 2.9.2: https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230 Cheers, Thijs -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org