libxml2 version 2.7.0 and 2.7.1 did not properly handle predefined entities definitions in entities, which allowed context-dependent attackers to cause a denial of service via certain XML documents . The updated packages have been patched to prevent this issue.