CVE-2021-27836: An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file. Three PRs listed in the issue: https://github.com/libxls/libxls/pull/95 https://github.com/libxls/libxls/pull/96 https://github.com/libxls/libxls/pull/97 Only the first two are merged, but they're merged into dev and are unreleased.