Tim Boddy discovered that Expat, contained within the xmltok library, did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "1.2-4ubuntu0.18.04.1~esm5", "binary_name": "libxmltok1" }, { "binary_version": "1.2-4ubuntu0.18.04.1~esm5", "binary_name": "libxmltok1-dbgsym" }, { "binary_version": "1.2-4ubuntu0.18.04.1~esm5", "binary_name": "libxmltok1-dev" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "1.2-4ubuntu0.20.04.1~esm5", "binary_name": "libxmltok1" }, { "binary_version": "1.2-4ubuntu0.20.04.1~esm5", "binary_name": "libxmltok1-dbgsym" }, { "binary_version": "1.2-4ubuntu0.20.04.1~esm5", "binary_name": "libxmltok1-dev" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "1.2-4ubuntu0.22.04.1~esm5", "binary_name": "libxmltok1" }, { "binary_version": "1.2-4ubuntu0.22.04.1~esm5", "binary_name": "libxmltok1-dbgsym" }, { "binary_version": "1.2-4ubuntu0.22.04.1~esm5", "binary_name": "libxmltok1-dev" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.2-4.1ubuntu3.2", "binary_name": "libxmltok1-dev" }, { "binary_version": "1.2-4.1ubuntu3.2", "binary_name": "libxmltok1t64" }, { "binary_version": "1.2-4.1ubuntu3.2", "binary_name": "libxmltok1t64-dbgsym" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "1.2-4.1ubuntu2.24.0.4.1+esm3", "binary_name": "libxmltok1-dev" }, { "binary_version": "1.2-4.1ubuntu2.24.0.4.1+esm3", "binary_name": "libxmltok1t64" }, { "binary_version": "1.2-4.1ubuntu2.24.0.4.1+esm3", "binary_name": "libxmltok1t64-dbgsym" } ] }