batik (1.7.ubuntu-8ubuntu2.14.04.2) trusty-security; urgency=medium * SECURITY UPDATE: SSRF through external DTD resolution - debian/patches/CVE-2017-5662.patch: disable external DTD resolution in sources/org/apache/batik/dom/util/SAXDocumentFactory.java. - Thanks to Debian for the patch backport. - CVE-2017-5662 -- Marc Deslauriers <email address hidden> Thu, 04 May 2017 12:48:26 -0400