Errata overview
Errata ID 285
Date 2016-10-12
Source package libxml2
Fixed in version 2.8.0+dfsg1-7.55.201609281353
Description
This update addresses the following issues:
* dict.c in libxml2 allows remote attackers to cause a denial of service
  (heap-based buffer over-read and application crash) via an unexpected
  character immediately after the "<!DOCTYPE html" substring in a crafted
  HTML document. (CVE-2015-8806)
* libxml2 allows remote attackers to execute arbitrary code or cause a denial
  of service (memory corruption) via a crafted XML document. (CVE-2016-1762,
  CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,
  CVE-2016-1838, CVE-2016-1839, CVE-2016-1840)
* The htmlParseNameComplex function in HTMLparser.c in libxml2 allows
  attackers to cause a denial of service (out-of-bounds read) via a crafted
  XML document. (CVE-2016-2073)
* The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier,
  when used in recovery mode, allows context-dependent attackers to cause a
  denial of service (infinite recursion, stack consumption, and application
  crash) via a crafted XML document. (CVE-2016-3627)
* The xmlParserEntityCheck and xmlParseAttValueComplex functions in parser.c
  in libxml2 2.9.3 do not properly keep track of the recursion depth, which
  allows context-dependent attackers to cause a denial of service (stack
  consumption and application crash) via a crafted XML document containing a
  large number of nested entity references. (CVE-2016-3705)
* The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows
  context-dependent attackers to cause a denial of service (heap-based buffer
  underread and application crash) via a crafted file, involving
  xmlParseName. (CVE-2016-4447)
* XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities
  function in parser.c in libxml2 before 2.9.4, when not in validating mode,
  allows context-dependent attackers to read arbitrary files or cause a
  denial of service (resource consumption) via unspecified vectors.
  (CVE-2016-4449)
* Out-of-bounds read. (CVE-2016-4483)
Additional notes
CVE ID CVE-2015-8806, CVE-2016-1762, CVE-2016-1833, CVE-2016-1834,
  CVE-2016-1835, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840,
  CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4449,
  CVE-2016-4483
UCS Bug number #41673