* Merge from Debian testing (LP: #1076812). Remaining changes:
- Add libxmlrpc-core-c3-udeb for use during installation (LP: #831496).
- Add Breaks/Replaces to cover binary package reorganisation (LP: #878180).
- Fix dh_makeshlibs calls for libxmlrpc-core-c3-0 -> libxmlrpc-core-c3
rename.
- Add backport-gssapi-delegation.patch, and bump the build-depends on
libcurl4-openssl-dev and libcurl3-openssl-dev to >= 7.22.0
- Fix dependencies of xmlrpc-api-utils
* Changes merged by Debian:
- Run the tests as part of the build process
- SECURITY UPDATE: Denial of service via hash collisions
- SECURITY UPDATE: Denial of service via memory leak
xmlrpc-c (1.16.33-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix CVE-2012-0876 and CVE-2012-1148 in embedded Expat copy. Thanks to
Tyler Hicks for the patch and the report (Closes: #687672)
-- Tyler Hicks <email address hidden> Thu, 08 Nov 2012 16:29:20 -0800
This bug was fixed in the package xmlrpc-c - 1.16.33-3.2ubuntu1
--------------- 3.2ubuntu1) raring; urgency=low
xmlrpc-c (1.16.33-
* Merge from Debian testing (LP: #1076812). Remaining changes: core-c3- udeb for use during installation (LP: #831496). gssapi- delegation. patch, and bump the build-depends on openssl- dev and libcurl3- openssl- dev to >= 7.22.0
- Add libxmlrpc-
- Add Breaks/Replaces to cover binary package reorganisation (LP: #878180).
- Fix dh_makeshlibs calls for libxmlrpc-core-c3-0 -> libxmlrpc-core-c3
rename.
- Add backport-
libcurl4-
- Fix dependencies of xmlrpc-api-utils
* Changes merged by Debian:
- Run the tests as part of the build process
- SECURITY UPDATE: Denial of service via hash collisions
- SECURITY UPDATE: Denial of service via memory leak
xmlrpc-c (1.16.33-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix CVE-2012-0876 and CVE-2012-1148 in embedded Expat copy. Thanks to
Tyler Hicks for the patch and the report (Closes: #687672)
-- Tyler Hicks <email address hidden> Thu, 08 Nov 2012 16:29:20 -0800