xml-security-c 1.6.1-1ubuntu0.1 source package in Ubuntu
Changelog
xml-security-c (1.6.1-1ubuntu0.1) precise-security; urgency=low * SECURITY UPDATE: (LP: #1192874). - Apply upstream patch to fix a spoofing vulnerability that allows an attacker to reuse existing signatures with arbitrary content. (CVE-2013-2153) - Apply upstream patch to fix a stack overflow in the processing of malformed XPointer expressions in the XML Signature Reference processing code. (CVE-2013-2154) - Apply upstream patch to fix processing of the output length of an HMAC-based XML Signature that could cause a denial of service when processing specially chosen input. (CVE-2013-2155) - Apply upstream patch to fix a heap overflow in the processing of the PrefixList attribute optionally used in conjunction with Exclusive Canonicalization, potentially allowing arbitrary code execution. (CVE-2013-2156) * SECURITY UPDATE: The attempted fix to address CVE-2013-2154 introduced the possibility of a heap overflow, possibly leading to arbitrary code execution, in the processing of malformed XPointer expressions in the XML Signature Reference processing code (LP: #1199969). - Apply upstream patch to fix that heap overflow. (CVE-2013-2210) -- Christian Biamont <email address hidden> Wed, 25 Sep 2013 10:27:27 +0200
Upload details
- Uploaded by:
- Christian Biamont
- Sponsored by:
- Marc Deslauriers
- Uploaded to:
- Precise
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- libs
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Precise | updates | universe | libs | |
Precise | security | universe | libs |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
xml-security-c_1.6.1.orig.tar.gz | 844.1 KiB | 73931a55d6925a82416ea48f8d6f1b8ed591368e1dfc30574fe43904b7c62fcd |
xml-security-c_1.6.1-1ubuntu0.1.debian.tar.gz | 11.3 KiB | c04ecc1c84f564b59d19ffac033dcdae47e7c8d2b9c9181c262337627f8dff7b |
xml-security-c_1.6.1-1ubuntu0.1.dsc | 2.2 KiB | be5b542b43e742a4125af7d90539cdb3849d888e763b5da47f24a7730f9cdcb0 |
Available diffs
Binary packages built by this source
- libxml-security-c-dev: C++ library for XML Digital Signatures (development)
Apache XML Security for C++ is a library for the XML Digital Security
specification. It provides processing and handling of XML Key Management
Specifications (XKMS) messages.
.
This package contains the Apache XML Security for C++ development files.
- libxml-security-c16: C++ library for XML Digital Signatures (runtime)
Apache XML Security for C++ is a library for the XML Digital Security
specification. It provides processing and handling of XML Key Management
Specifications (XKMS) messages.
.
This package contains the files necessary for running applications that
use the Apache XML Security for C++ library.