This issue was fixed in version 1.6.8. However, that version is itself subject to other vulnerabilities, there are no safe versions to upgrade to.

libxml2, awesome