xml-security-c 1.6.1-7~build0.12.10.1 source package in Ubuntu
Changelog
xml-security-c (1.6.1-7~build0.12.10.1) quantal-security; urgency=low * fake sync from Debian xml-security-c (1.6.1-7) unstable; urgency=high * The attempted fix to address CVE-2013-2154 introduced the possibility of a heap overflow, possibly leading to arbitrary code execution, in the processing of malformed XPointer expressions in the XML Signature Reference processing code. Apply upstream patch to fix that heap overflow. (Closes: #714241, CVE-2013-2210) xml-security-c (1.6.1-6) unstable; urgency=high * Apply upstream patch to fix a spoofing vulnerability that allows an attacker to reuse existing signatures with arbitrary content. (CVE-2013-2153) * Apply upstream patch to fix a stack overflow in the processing of malformed XPointer expressions in the XML Signature Reference processing code. (CVE-2013-2154) * Apply upstream patch to fix processing of the output length of an HMAC-based XML Signature that could cause a denial of service when processing specially chosen input. (CVE-2013-2155) * Apply upstream patch to fix a heap overflow in the processing of the PrefixList attribute optionally used in conjunction with Exclusive Canonicalization, potentially allowing arbitrary code execution. (CVE-2013-2156) -- Jamie Strandboge <email address hidden> Wed, 10 Jul 2013 16:14:24 -0500
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Quantal
- Original maintainer:
- Debian Shib Team
- Architectures:
- any
- Section:
- libs
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
xml-security-c_1.6.1.orig.tar.gz | 844.1 KiB | 73931a55d6925a82416ea48f8d6f1b8ed591368e1dfc30574fe43904b7c62fcd |
xml-security-c_1.6.1-7~build0.12.10.1.debian.tar.gz | 11.6 KiB | ae36912d755dedb1bb0f19f843c61ee75388bcac1d8cf139b7995f1f83217f9e |
xml-security-c_1.6.1-7~build0.12.10.1.dsc | 2.1 KiB | 75ae29e4efcea64ca3cef68b65baf9a2ed511fe70090dc043f8fea28a80ab45e |
Available diffs
Binary packages built by this source
- libxml-security-c-dev: No summary available for libxml-security-c-dev in ubuntu quantal.
No description available for libxml-
security- c-dev in ubuntu quantal.
- libxml-security-c16: No summary available for libxml-security-c16 in ubuntu quantal.
No description available for libxml-security-c16 in ubuntu quantal.