CVE-2019-9628

Priority
Description
The XMLTooling library all versions prior to V3.0.4, provided with the
OpenSAML and Shibboleth Service Provider software, contains an XML parsing
class. Invalid data in the XML declaration causes an exception of a type
that was not handled properly in the parser class and propagates an
unexpected exception type.
Notes
Package
Upstream:released (3.0.4-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [1.5.3-2+deb8u3ubuntu0.1])
Ubuntu 16.04 LTS (Xenial Xerus):released (1.5.6-2ubuntu0.3)
Ubuntu 18.04 LTS (Bionic Beaver):released (1.6.4-1ubuntu2.1)
More Information

Updated: 2020-07-28 20:07:57 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)