A number of other systems have been affected by this issues as well

May 18, 2014 15:14 GMT  ·  By

Canonical published some details yesterday about a libxml2 vulnerability in its Ubuntu 14.04 LTS, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.

Even if it seems that Ubuntu 10.04 LTS reached end of life a long time ago, the current update is actually referring to the server edition of that particular distribution. It was launched back in 2010 and it is still supported for another year.

According to the security notice, “Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.”

For a more detailed description of the problems, you can see Canonical's security notification. Users have been advised to update their systems as soon as possible. This is not a major problem, but you should upgrade nonetheless.

The flaws can be fixed if you upgrade your system(s) to the latest libxml2 packages specific to each distribution. To apply the patch, run the Update Manager application.

If you don't want to use the Software Updater, you can do this from a terminal. Open a terminal and enter the following commands:

sudo apt-get update sudo apt-get dist-upgrade

In general, a standard system update will make all the necessary changes, but you will have to reboot the system to finish the process.