On Sun, Feb 1, 2015 at 4:24 PM, Aron Xu <aron@debian.org> wrote: > > libxml2 in Jessie has CVE-2014-3600 pending to be addressed This should be CVE-2014-3660. Regards, Aron