[Bug 1186860] Re: Hash collision vulnerability in xml-light

Launchpad Bug Tracker Thu, 06 Jun 2013 13:36:55 -0700

This bug was fixed in the package xml-light - 2.2-12ubuntu0.10.04.1

---------------
xml-light (2.2-12ubuntu0.10.04.1) lucid-security; urgency=low


  * SECURITY-UPDATE: Fix to prevent hash collision attack (LP: #1186860)
    - debian/patches/05_CVE_2012_3514.dpatch: dtd.ml: Use Map(String) instead
      of Hash for DTD proof. Based on upstream patch.
    - CVE-2012-3514
 -- Christian Kuersteiner <[email protected]>   Wed, 05 Jun 2013 13:53:52 +0700

** Changed in: xml-light (Ubuntu Lucid)
       Status: Fix Committed => Fix Released

** Changed in: xml-light (Ubuntu Precise)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1186860

Title:
  Hash collision vulnerability in xml-light

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xml-light/+bug/1186860/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1186860] Re: Hash collision vulnerability in xml-light

Reply via email to