[Bug 1048835] [NEW] [Quantal] xmlrpc-c is vulnerable to CVE-2012-0876 and CVE-2012-1148
Tyler Hicks
tyhicks at canonical.com
Mon Sep 10 21:56:48 UTC 2012
*** This bug is a security vulnerability ***
Public security bug reported:
XML-RPC for C and C++ could be made to cause a denial of service by
consuming excessive CPU and memory resources.
Here is the USN for the stable releases:
http://www.ubuntu.com/usn/usn-1527-2/
and the security team CVE tracker links:
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-0876
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-1148
** Affects: xmlrpc-c (Ubuntu)
Importance: Medium
Assignee: Tyler Hicks (tyhicks)
Status: Triaged
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to xmlrpc-c in Ubuntu.
https://bugs.launchpad.net/bugs/1048835
Title:
[Quantal] xmlrpc-c is vulnerable to CVE-2012-0876 and CVE-2012-1148
Status in “xmlrpc-c” package in Ubuntu:
Triaged
Bug description:
XML-RPC for C and C++ could be made to cause a denial of service by
consuming excessive CPU and memory resources.
Here is the USN for the stable releases:
http://www.ubuntu.com/usn/usn-1527-2/
and the security team CVE tracker links:
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-0876
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-1148
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xmlrpc-c/+bug/1048835/+subscriptions
More information about the foundations-bugs
mailing list