A vulnerability has been found and corrected in libxml2: A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially-crafted XML file that, when processed by an application linked against libxml2, would lead to excessive CPU consumption . The updated packages have been upgraded to the 2.7.6 version and patched to correct this issue.