It was discovered that Expat, a C library to parse XML, is vulnerable to denial of service through hash collisions and a memory leak in pool handling. For the stable distribution (squeeze), this problem has been fixed in version 2.0.1-7+squeeze1. For the testing distribution (wheezy), this problem has been fixed in version 2.1.0~beta3-1. For the unstable distribution (sid), this problem has been fixed in version 2.1.0~beta3-1. We recommend that you upgrade your expat packages.
It was discovered that Expat, a C library to parse XML, is vulnerable to denial of service through hash collisions and a memory leak in pool handling.
For the stable distribution (squeeze), this problem has been fixed in version 2.0.1-7+squeeze1.
For the testing distribution (wheezy), this problem has been fixed in version 2.1.0~beta3-1.
For the unstable distribution (sid), this problem has been fixed in version 2.1.0~beta3-1.
We recommend that you upgrade your expat packages.