Debian release 1.6.1-6

Format: 1.8
Date: Mon, 17 Jun 2013 22:25:32 -0700
Source: xml-security-c
Binary: libxml-security-c16 libxml-security-c-dev
Architecture: source i386
Version: 1.6.1-6
Distribution: unstable
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c16 - C++ library for XML Digital Signatures (runtime)
Changes:
 xml-security-c (1.6.1-6) unstable; urgency=high
 .
   * Apply upstream patch to fix a spoofing vulnerability that allows an
     attacker to reuse existing signatures with arbitrary content.
     (CVE-2013-2153)
   * Apply upstream patch to fix a stack overflow in the processing of
     malformed XPointer expressions in the XML Signature Reference
     processing code. (CVE-2013-2154)
   * Apply upstream patch to fix processing of the output length of an
     HMAC-based XML Signature that could cause a denial of service when
     processing specially chosen input. (CVE-2013-2155)
   * Apply upstream patch to fix a heap overflow in the processing of the
     PrefixList attribute optionally used in conjunction with Exclusive
     Canonicalization, potentially allowing arbitrary code execution.
     (CVE-2013-2156)