Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
0.6.3-3build10.1.0+git20150808-10.1.0+git20150808-20.23.3-2ubuntu23.20.1+git20120521-63.20.1+git20120521-6build10.13+ds1-52.4.7-42.4.7-4build10.23.3-2ubuntu33.1.4~abc9f50+dfsg1-23.1.4~abc9f50+dfsg2-13.1.4~abc9f50+dfsg3-13.1.4~abc9f50+dfsg3-20.13+ds1-5build10.13+ds1-62.4.7-5ubuntu1