Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
0.6.3-3build10.1.0+git20150808-10.1.0+git20150808-20.23.3-2ubuntu20.13+ds1-50.23.3-2ubuntu30.13+ds1-5build10.13+ds1-64.1.1+xorg4.3.0-37.3ubuntu20.23.3-2.1build10.13+ds1-60.13+ds2-10.13+ds2-1