Package: rampart Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for rampart.
CVE-2011-2329[0]: | The rampart_timestamp_token_validate function in | util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not | properly calculate the expiration of timestamp tokens, which allows | remote attackers to bypass intended access restrictions by leveraging | an expired token, a different vulnerability than CVE-2011-0730. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2329 http://security-tracker.debian.org/tracker/CVE-2011-2329 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
