Brad Fitzpatrick discovered that the UTF-8 decoding functions of libxml2, the GNOME XML library, validate UTF-8 correctness insufficiently, which may lead to denial of service by forcing libxml2 into an infinite loop. For the old stable distribution (sarge), this problem has been fixed in version 2.6.16-7sarge1. For the stable distribution (etch), this problem has been fixed in version 2.6.27.dfsg-2. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your libxml2 packages.
Brad Fitzpatrick discovered that the UTF-8 decoding functions of libxml2, the GNOME XML library, validate UTF-8 correctness insufficiently, which may lead to denial of service by forcing libxml2 into an infinite loop.
For the old stable distribution (sarge), this problem has been fixed in version 2.6.16-7sarge1.
For the stable distribution (etch), this problem has been fixed in version 2.6.27.dfsg-2.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your libxml2 packages.
MD5 checksums of the listed files are available in the original advisory.