CVE-2019-9628

Priority
Description
The XMLTooling library all versions prior to V3.0.4, provided with the
OpenSAML and Shibboleth Service Provider software, contains an XML parsing
class. Invalid data in the XML declaration causes an exception of a type
that was not handled properly in the parser class and propagates an
unexpected exception type.
Notes
Package
Upstream:released (3.0.4-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [1.5.3-2+deb8u3ubuntu0.1])
Ubuntu 16.04 LTS (Xenial Xerus):released (1.5.6-2ubuntu0.3)
Ubuntu 18.04 LTS (Bionic Beaver):released (1.6.4-1ubuntu2.1)
More Information

Updated: 2020-01-29 20:05:37 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)