Accepted xml-security-c 1.2.1-3+etch1 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 24 Jul 2009 16:34:29 -0700
Source: xml-security-c
Binary: libxml-security-c-doc libxml-security-c-dev libxml-security-c12
Architecture: source i386 all
Version: 1.2.1-3+etch1
Distribution: oldstable-security
Urgency: high
Maintainer: Quanah Gibson-Mount <quanah@stanford.edu>
Changed-By: Russ Allbery <rra@debian.org>
Description:
libxml-security-c-dev - C++ library for XML Digital Signatures (development)
libxml-security-c-doc - C++ library for XML Digital Signatures (documentation)
libxml-security-c12 - C++ library for XML Digital Signatures (runtime)
Changes:
xml-security-c (1.2.1-3+etch1) oldstable-security; urgency=high
.
* CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
truncation length. Closes a vulnerability that could allow an
attacker to spoof HMAC-based signatures and bypass authentication.
Files:
7c376bd95337c43d4de11ea3a75a24f5 798 libs extra xml-security-c_1.2.1-3+etch1.dsc
c8cfd893e0d13c08e6cdffc1b02d431c 2560698 libs extra xml-security-c_1.2.1.orig.tar.gz
eee96ead16c0fe740d1e323bde905830 9397 libs extra xml-security-c_1.2.1-3+etch1.diff.gz
18d5996d062d21bd6af815c80bda5b1a 293276 libs extra libxml-security-c12_1.2.1-3+etch1_i386.deb
b2a8f94634550d36369326943ed53baf 120864 libdevel extra libxml-security-c-dev_1.2.1-3+etch1_i386.deb
ee0ffa05b1b60925e38f3fca562a08eb 1845748 doc extra libxml-security-c-doc_1.2.1-3+etch1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkpvU3kACgkQ+YXjQAr8dHa6KgCcC6SMzsYBxNwZCVcXYIcCqeGf
iyAAoNRHnlRdNX+LC2dcGWuEwcogSfe4
=paTU
-----END PGP SIGNATURE-----
Accepted:
libxml-security-c-dev_1.2.1-3+etch1_i386.deb
to pool/main/x/xml-security-c/libxml-security-c-dev_1.2.1-3+etch1_i386.deb
libxml-security-c-doc_1.2.1-3+etch1_all.deb
to pool/main/x/xml-security-c/libxml-security-c-doc_1.2.1-3+etch1_all.deb
libxml-security-c12_1.2.1-3+etch1_i386.deb
to pool/main/x/xml-security-c/libxml-security-c12_1.2.1-3+etch1_i386.deb
xml-security-c_1.2.1-3+etch1.diff.gz
to pool/main/x/xml-security-c/xml-security-c_1.2.1-3+etch1.diff.gz
xml-security-c_1.2.1-3+etch1.dsc
to pool/main/x/xml-security-c/xml-security-c_1.2.1-3+etch1.dsc
Reply to: