Ubuntu Security Notice 890-4 – USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for PyXML. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/85654/USN-890-4.txt
Source: https://packetstormsecurity.com/files/85654/Ubuntu-Security-Notice-890-4.html