-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 The Apache Santuario Project has released V1.7.1 of the XML-Security C++ library to correct the following reported vulnerabilities:
http://santuario.apache.org/secadv.data/CVE-2013-2153.txt http://santuario.apache.org/secadv.data/CVE-2013-2154.txt http://santuario.apache.org/secadv.data/CVE-2013-2155.txt http://santuario.apache.org/secadv.data/CVE-2013-2156.txt All versions of the library prior to V1.7.1 are affected by these issues. The fixed release is immediately available from http://santuario.apache.org/download.html Patches applicable to older versions can also be obtained from the advisories above. Thank you to James Forshaw for reporting, and assisting to fix and test, these issues. - -- Scott Cantor, on behalf of the Santuario Project -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (Darwin) iQIcBAEBCgAGBQJRv9WkAAoJEDeLhFQCJ3liVmwP/j0sqBY+luh/X0VTEluRJdJs +LanxUP1dSOt4XRGJdDRJh1/0QlhO33ilA2PPKO+eB1EX9PX/UOV36x16IkePWyz 12+SIhPI+YoWyRi42ir9JvSSeM9Ds0dQCdw7T8z5QIJUVdYbnoiXVLDq/X3WWIsO W8ElA7gJTvZu6JDP56V3Kxl0sZdPOU8oYAi/3ndKs00tSB7v2HvLCPuj81IAcshu glK3ZAVlxTZ52RxC3RHB/B2AmolaOUiXs33wSj2G1MQA58ZHZW+QoK9Edh3bZRnU PP5H0dPjgLkjob8pLYRBdrrT08EIewD3eEGqKQP244h/pja48LRe/1olgeZEPuS8 DS9XBzMUr2uCQw15aZ8GFdf8LgWXCJrDSTiW+1seHgaI0YIhzZAX7csU8uJaqoGb ZObY16+DEf25jcVW/1KFimTS//2jiQ5pw499VIV4d55KBKH3Ru0lWx7W04u78LML RySeqr92UDeuQN1zVl7bGUF/wfOi70cIU4Ogok3pAF98cgc7w4IqQLTXlksr7aIb Scter25npFcmehbYUjZTsU++isQFccHuCDg/rW6RDKxbfPIjJbchebAuYRLs6DDC ah7E9HuKZxE/P+aa63pEbkhGu0yREGBoHdX6oMXbF9cGwNQggKvnQYNO+CAFWHzr SS9vtKfvmZrsl/VZnSBh =rFG4 -----END PGP SIGNATURE-----
