-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: xmltooling
Version: 1.4.2-5+deb7u2
CVE ID : CVE-2018-0486
Philip Huppert discovered the Shibboleth service provider is vulnerable
to impersonation attacks and information disclosure due to mishandling
of DTDs in the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 18 Jul 2017 21:58:24 -0500
Source: ca-certificates
Binary: ca-certificates
Architecture: source all
Version: 20130119+deb7u2
Distribution: wheezy-security
Urgency: medium
Maintainer: Michael Shuler
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 14 Jan 2018 20:41:01 +0100
Source: xmltooling
Binary: libxmltooling5 libxmltooling-dev xmltooling-schemas libxmltooling-doc
Architecture: source amd64 all
Version: 1.4.2-5+deb7u2
Distribution: wheezy-security
Urgency: high
Raphael Hertzog writes:
> Yes, please. I saw reports of failures on IRC due to missing CA
> certificates.
Done that now.
Does this deserve a DLA? If so, I have no idea what to include. Maybe
something like:
--- cut ---
This release does a complete update of the CA list.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 14 Jan 2018 17:12:42 +0100
Source: libkohana2-php
Binary: libkohana2-php libkohana2-modules-php
Architecture: source all
Version: 2.3.4-2+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Sven Velt
Hi Chris,
On Sunday, January 14, 2018, Chris Lamb wrote:
> Hey Mike,
>
> > I will take over fixing the open CVE for smarty3 on wheezy during the
> > week in the course of getting the other versions fixed, too.
> >
> > Ping me again in a week, if no upload has occurred.
>
> Hey, how are you