Red Hat Security Advisory 2015-0749-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity attacks, possibly resulting in a denial of service or an information leak on the system. The CVE-2014-0191 issue was discovered by Daniel P. Berrange of Red Hat.
15c49fedfd4a3e46ea1a642a1d02d9c329ca365e3e9985dba2151d5b6dfb8796