A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout
command line option, causing an application crash and resulting in a denial of service.
Do not process untrusted files with the xmllint program.