Brad Fitzpatrick discovered that the UTF-8 decoding functions of libxml2,
the GNOME XML library, validate UTF-8 correctness insufficiently, which
may lead to denial of service by forcing libxml2 into an infinite loop.
For the old stable distribution (sarge), this problem has been fixed in
version 2.6.16-7sarge1.
For the stable distribution (etch), this problem has been fixed in
version 2.6.27.dfsg-2.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your libxml2 packages.