USN-3010-1 Expat vulnerabilities
Medium
expat – XML parsing C library, Canonical Ubuntu
It was discovered that Expat unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. (CVE-2012-6702)
It was discovered that Expat incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-5300)
_Severity is medium unless otherwise noted.
_
Users are strongly encouraged to follow the mitigation below: