-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 27 Jun 2013 13:00:54 -0700 Source: xml-security-c Binary: libxml-security-c17 libxml-security-c-dev xml-security-c-utils Architecture: source i386 Version: 1.7.2-1 Distribution: experimental Urgency: high Maintainer: Debian Shib Team <pkg-shibboleth-de...@lists.alioth.debian.org> Changed-By: Russ Allbery <r...@debian.org> Description: libxml-security-c-dev - C++ library for XML Digital Signatures (development) libxml-security-c17 - C++ library for XML Digital Signatures (runtime) xml-security-c-utils - C++ library for XML Digital Signatures (utilities) Closes: 714241 Changes: xml-security-c (1.7.2-1) experimental; urgency=high . * New upstream release. - The attempted fix to address CVE-2013-2154 introduced the possibility of a heap overflow, possibly leading to arbitrary code execution, in the processing of malformed XPointer expressions in the XML Signature Reference processing code. Fix that heap overflow. (Closes: #714241, CVE-2013-2210) Checksums-Sha1: eea2280cf4b9542193e1ec78af1736e700168355 1841 xml-security-c_1.7.2-1.dsc fee59d5347ff0666802c8e5aa729e0304ee492bc 875465 xml-security-c_1.7.2.orig.tar.gz 37f7cecc570e7f0e83a09c1a1c301a62b53f4140 12024 xml-security-c_1.7.2-1.debian.tar.xz 7d9a425c3fae7bd8d7b193be726ee4af383ac969 279102 libxml-security-c17_1.7.2-1_i386.deb 87a7de0704530cc794b8e86643dbd3091274fa2a 110818 libxml-security-c-dev_1.7.2-1_i386.deb 449e2a02058dc840e04a85e81d144d05d8249d25 120508 xml-security-c-utils_1.7.2-1_i386.deb Checksums-Sha256: c22ae064be9b7b681cf4c6497ad6ef3649f24c5497d698ea9d07ac5f35a26710 1841 xml-security-c_1.7.2-1.dsc d576b07bb843eaebfde3be01301db40504ea8e8e477c0ad5f739b07022445452 875465 xml-security-c_1.7.2.orig.tar.gz 50e9ce850a35457602edbaddee58b0ecccfdabee2515f1a2ecb6655752da667c 12024 xml-security-c_1.7.2-1.debian.tar.xz 7b0ce19c4e77d366754dbb8cb814db3d967884e61b0a0b9730c2e999126cb809 279102 libxml-security-c17_1.7.2-1_i386.deb bd5f0d2acabed65cd24fa22d26f9e5c07ab074d2dd95344119ee39da89bee967 110818 libxml-security-c-dev_1.7.2-1_i386.deb aec9ba52f52837a02fc469e5036bf2c2b82d29aaf25cc315ad198c3ef7b64b86 120508 xml-security-c-utils_1.7.2-1_i386.deb Files: f142b0bd9081ecc5cdd50007410ef9cf 1841 libs extra xml-security-c_1.7.2-1.dsc 2487e00569f6465f7070389e40a3d84f 875465 libs extra xml-security-c_1.7.2.orig.tar.gz 0672e72dce6d315bdda2a1bb34fc8a08 12024 libs extra xml-security-c_1.7.2-1.debian.tar.xz 473dfed2707bd4a2569991fc66321ac6 279102 libs extra libxml-security-c17_1.7.2-1_i386.deb 1fd67612c8653987583d6d4282843596 110818 libdevel extra libxml-security-c-dev_1.7.2-1_i386.deb 8b391edddc3e08cd1af8fd82ca5a854b 120508 utils extra xml-security-c-utils_1.7.2-1_i386.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJRzJ5BAAoJEH2AMVxXNt51kZ8H+wR6GrybFrKzrYyh9UQ0pacr QZFq5fAEyNtcoCt2eIkYFzNQIWuV4CWxvmok/+I65t3exrfFd3ZfJQ9lA1I3SKPL zTWRGYkU6T3hovEO4fzTX8LoxUsDCrIeYhzDsD3j9pYj7yK4SikVs7zVfIyrL5lv yr5iLzcmr/I0TqFmGwjzK3NhkKCYCBHdAHIFCIjv+81vl6PNpo/NPZl26em+KmHA JTMhO08Sae1/xwYuxgLEhJvTEK1dMhN7vAPPzcGN/UxHzvsjHE7HTSkWbKaNfXwM WYbnqvAa9l0kv9V8sQOUBnXPk2W2RROZwIJgt9OmCNCBZ4jOWbRECHoiPiSG5L8= =YXbC -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1usjnl-0000sh...@franck.debian.org