This CVE was addressed in 3.1.1-5.1 in wily, and was updated in earlier releases with the following updates:
12.04 LTS (precise): 3.1.1-1+deb6u1build0.12.04.1 14.04 LTS (trusty): 3.1.1-5.1~build0.14.04.1 Thanks for the report. ** Changed in: xerces-c (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1449316 Title: xerces-c is missing patch for CVE-2015-0252 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xerces-c/+bug/1449316/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs