xml-security-c (1.4.0-4) unstable; urgency=high

  * CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
    truncation length.  Closes a vulnerability that could allow an
    attacker to spoof HMAC-based signatures and bypass authentication.
  * Remove duplicate section for libxml-security-c14.
  * Update standards version to 3.8.2 (no changes required).

Date: Sat,  15 Aug 2009 17:25:01 +0100
Changed-By: Michael Bienia <[email protected]>
Maintainer: Debian Shib Team <[email protected]>
Origin: Debian/testing
https://launchpad.net/ubuntu/karmic/+source/xml-security-c/1.4.0-4
Origin: Debian/testing
Format: 1.7
Date: Sat,  15 Aug 2009 17:25:01 +0100
Source: xml-security-c
Binary: libxml-security-c14, libxml-security-c-dev
Architecture: source
Version: 1.4.0-4
Distribution: karmic
Urgency: high
Maintainer: Debian Shib Team <[email protected]>
Changed-By: Michael Bienia <[email protected]>
Changes: 
 xml-security-c (1.4.0-4) unstable; urgency=high
 .
   * CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
     truncation length.  Closes a vulnerability that could allow an
     attacker to spoof HMAC-based signatures and bypass authentication.
   * Remove duplicate section for libxml-security-c14.
   * Update standards version to 3.8.2 (no changes required).
Files: 
 12028cf2a8a899691ddb0fdeaae43ba6 6257 libs extra xml-security-c_1.4.0-4.diff.gz
 c375af40c3d02f106d1a8fbfd31db9a0 1350 libs extra xml-security-c_1.4.0-4.dsc
-- 
Karmic-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/karmic-changes

Reply via email to