Comment 4 for bug 1076812

This bug was fixed in the package xmlrpc-c - 1.16.33-3.2ubuntu1

---------------
xmlrpc-c (1.16.33-3.2ubuntu1) raring; urgency=low

  * Merge from Debian testing (LP: #1076812). Remaining changes:
    - Add libxmlrpc-core-c3-udeb for use during installation (LP: #831496).
    - Add Breaks/Replaces to cover binary package reorganisation (LP: #878180).
    - Fix dh_makeshlibs calls for libxmlrpc-core-c3-0 -> libxmlrpc-core-c3
      rename.
    - Add backport-gssapi-delegation.patch, and bump the build-depends on
      libcurl4-openssl-dev and libcurl3-openssl-dev to >= 7.22.0
    - Fix dependencies of xmlrpc-api-utils
  * Changes merged by Debian:
    - Run the tests as part of the build process
    - SECURITY UPDATE: Denial of service via hash collisions
    - SECURITY UPDATE: Denial of service via memory leak

xmlrpc-c (1.16.33-3.2) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix CVE-2012-0876 and CVE-2012-1148 in embedded Expat copy. Thanks to
    Tyler Hicks for the patch and the report (Closes: #687672)
 -- Tyler Hicks <email address hidden> Thu, 08 Nov 2012 16:29:20 -0800