xml-security-c 1.6.1-6 source package in Ubuntu
Changelog
xml-security-c (1.6.1-6) unstable; urgency=high * Apply upstream patch to fix a spoofing vulnerability that allows an attacker to reuse existing signatures with arbitrary content. (CVE-2013-2153) * Apply upstream patch to fix a stack overflow in the processing of malformed XPointer expressions in the XML Signature Reference processing code. (CVE-2013-2154) * Apply upstream patch to fix processing of the output length of an HMAC-based XML Signature that could cause a denial of service when processing specially chosen input. (CVE-2013-2155) * Apply upstream patch to fix a heap overflow in the processing of the PrefixList attribute optionally used in conjunction with Exclusive Canonicalization, potentially allowing arbitrary code execution. (CVE-2013-2156) -- Russ Allbery <email address hidden> Mon, 17 Jun 2013 22:25:32 -0700
Upload details
- Uploaded by:
- Debian Shib Team
- Uploaded to:
- Sid
- Original maintainer:
- Debian Shib Team
- Architectures:
- any
- Section:
- libs
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
xml-security-c_1.6.1-6.dsc | 1.7 KiB | 9550bfa8eb7d9af144c88e02afb30afd057ba6d9edcbe43db5ece49e6cc353e1 |
xml-security-c_1.6.1.orig.tar.gz | 844.1 KiB | 73931a55d6925a82416ea48f8d6f1b8ed591368e1dfc30574fe43904b7c62fcd |
xml-security-c_1.6.1-6.debian.tar.gz | 11.4 KiB | da3a4a694679319645aaf8a68cd95d0958b0fdf9b226655048a5be77faac5330 |
Available diffs
- diff from 1.6.1-5 to 1.6.1-6 (4.6 KiB)
No changes file available.
Binary packages built by this source
- libxml-security-c-dev: No summary available for libxml-security-c-dev in ubuntu saucy.
No description available for libxml-
security- c-dev in ubuntu saucy.
- libxml-security-c16: No summary available for libxml-security-c16 in ubuntu saucy.
No description available for libxml-security-c16 in ubuntu saucy.