On Tue, Mar 12, 2019 at 02:53:14PM +0100, wf...@niif.hu wrote:
> Moritz Muehlenhoff writes:
>
> > On Tue, Mar 12, 2019 at 10:19:00AM +0100, wf...@niif.hu wrote:
> >
> >> The resulting packages works fine in my setup. However, I failed to
> >> reproduce the original issue under stretch. After
Moritz Muehlenhoff writes:
> On Tue, Mar 12, 2019 at 10:19:00AM +0100, wf...@niif.hu wrote:
>
>> The resulting packages works fine in my setup. However, I failed to
>> reproduce the original issue under stretch. After consulting upstream,
>> it turns out that the old Xerces library actually
Salvatore Bonaccorso writes:
> On Sat, Mar 09, 2019 at 07:25:52PM +0100, wf...@niif.hu wrote:
>
>> I reserved a CVE from Mitre, backported the probable patch to
>> xmltooling 1.6.0-4+deb9u1 in stable and prepared a tentative package
>> with it, please see the debdiff below. I plan to add more
Source: xmltooling
Version: 3.0.3-1
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://issues.shibboleth.net/jira/browse/CPPXT-143
Control: found -1 1.6.0-4+deb9u1
Control: found -1 1.6.0-4
Hi,
The following vulnerability was published for xmltooling,
4 matches
Mail list logo