A vulnerability was discovered and corrected in libxml2: libxml2 before 2.7.8 reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service via a crafted XML document . Packages for 2009.0 are provided as of the Extended Maintenance Program