Accepted xml-security-c 1.6.1-1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 07 Jul 2011 09:10:33 -0700
Source: xml-security-c
Binary: libxml-security-c16 libxml-security-c-dev
Architecture: source i386
Version: 1.6.1-1
Distribution: unstable
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
libxml-security-c-dev - C++ library for XML Digital Signatures (development)
libxml-security-c16 - C++ library for XML Digital Signatures (runtime)
Closes: 632973
Changes:
xml-security-c (1.6.1-1) unstable; urgency=high
.
* Urgency high for security fix.
* New upstream release.
- DSIGObject::load method crashes for ds:Object without Id attribute
- Buffer overflow when signing or verifying files with big asymmetric
keys (Closes: #632973, CVE-2011-2516)
- Memory bug inside XENCCipherImpl::deSerialise
- Function cleanURIEscapes always throws XSECException, when any
escape sequence occurs
- Function isHexDigit doesn't recognize invalid escape sequences
- Percent-encoded multibyte (UTF-8) sequences unrecognized
- RSA-OAEP handler only allows SHA-1 digests
* Update debian/watch for the new organization of Apache downloads.
Checksums-Sha1:
fd7a3f73e53120fab3d7c99e43097d63db6103d3 1689 xml-security-c_1.6.1-1.dsc
239304659752eb214f3516b6c457c99f0e6467c7 864366 xml-security-c_1.6.1.orig.tar.gz
6874daf4e6ad0421ce34ee1f3e833923d79ca547 7285 xml-security-c_1.6.1-1.debian.tar.gz
2dd5e68cdee7b76567cf0a6fd912d0d9adaea8e9 372064 libxml-security-c16_1.6.1-1_i386.deb
5dbe7bede14e1cb0fc01a050c7a7425cab5f61b5 150394 libxml-security-c-dev_1.6.1-1_i386.deb
Checksums-Sha256:
74c60ca69966f246e40f3a10b1f61f1b84fdd0a58f3cda0b29eb2b0e1d484575 1689 xml-security-c_1.6.1-1.dsc
73931a55d6925a82416ea48f8d6f1b8ed591368e1dfc30574fe43904b7c62fcd 864366 xml-security-c_1.6.1.orig.tar.gz
ae82090ad6f81811de165fb795e8b5b84285e3f4f42cc19320eb73452a47297a 7285 xml-security-c_1.6.1-1.debian.tar.gz
140594585d9912644494c4d3a6d12fc31ae8972df3ae8b9b64905909d5b2623d 372064 libxml-security-c16_1.6.1-1_i386.deb
c202edb2f3e5b9ae7f8790bc7d0a8fcc86e8f2e5bd877764c42f03de41f6ae99 150394 libxml-security-c-dev_1.6.1-1_i386.deb
Files:
239ad9504d7326e84e8c49bb48f5c764 1689 libs extra xml-security-c_1.6.1-1.dsc
808316c80a7453b6d50a0bceb7ebe9bc 864366 libs extra xml-security-c_1.6.1.orig.tar.gz
7dbad386fb00cdb401ffc1210592148a 7285 libs extra xml-security-c_1.6.1-1.debian.tar.gz
2b7e014d7727c17fd301fa209b374d80 372064 libs extra libxml-security-c16_1.6.1-1_i386.deb
382d66533e1bc31680a2762c8f3786f4 150394 libdevel extra libxml-security-c-dev_1.6.1-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAEBCAAGBQJOFdxjAAoJEH2AMVxXNt513h4IAMABgV5q0rNDu/xQ5eGUU0D4
W/zHxiY57/k5mNqLkyE1fFWP86S3adv/0vrAW9yk/8LorMXE7zxvvC+yFe/49BDV
ESVvfd0wVP25a+rjUyq5/LWZb+IvT99uhRAiBpVvhNFY85VZ3aKIViNuHJJgBibs
2/J33BqpH5PwvMhL2iL+UeHniNR0EOjLOvIB2uuFR7zP77HcuiGx1Mqpzw4cvspf
BJQBp4gIJX2CEHVBEpB+/+dYCy+AerCYe8lwCIE4hMhzl/33sG6mYCls5MioWec8
cLh0FO4ZfuudifkYemzynkwjC5RbGoaNEnzLpok0ZG2AQg+gUgzex4FzsVE/ijg=
=+cse
-----END PGP SIGNATURE-----
Accepted:
libxml-security-c-dev_1.6.1-1_i386.deb
to main/x/xml-security-c/libxml-security-c-dev_1.6.1-1_i386.deb
libxml-security-c16_1.6.1-1_i386.deb
to main/x/xml-security-c/libxml-security-c16_1.6.1-1_i386.deb
xml-security-c_1.6.1-1.debian.tar.gz
to main/x/xml-security-c/xml-security-c_1.6.1-1.debian.tar.gz
xml-security-c_1.6.1-1.dsc
to main/x/xml-security-c/xml-security-c_1.6.1-1.dsc
xml-security-c_1.6.1.orig.tar.gz
to main/x/xml-security-c/xml-security-c_1.6.1.orig.tar.gz
Reply to: