[Bug 1048835] Re: [Quantal] xmlrpc-c is vulnerable to CVE-2012-0876 and CVE-2012-1148
Tyler Hicks
tyhicks at canonical.com
Mon Sep 10 22:42:32 UTC 2012
** Patch added: "xmlrpc-c_1.16.33-3.1ubuntu6.debdiff"
https://bugs.launchpad.net/ubuntu/+source/xmlrpc-c/+bug/1048835/+attachment/3306246/+files/xmlrpc-c_1.16.33-3.1ubuntu6.debdiff
** Changed in: xmlrpc-c (Ubuntu)
Assignee: Tyler Hicks (tyhicks) => (unassigned)
** Changed in: xmlrpc-c (Ubuntu)
Status: Triaged => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to xmlrpc-c in Ubuntu.
https://bugs.launchpad.net/bugs/1048835
Title:
[Quantal] xmlrpc-c is vulnerable to CVE-2012-0876 and CVE-2012-1148
Status in “xmlrpc-c” package in Ubuntu:
Confirmed
Bug description:
XML-RPC for C and C++ could be made to cause a denial of service by
consuming excessive CPU and memory resources.
Here is the USN for the stable releases:
http://www.ubuntu.com/usn/usn-1527-2/
and the security team CVE tracker links:
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-0876
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-1148
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xmlrpc-c/+bug/1048835/+subscriptions
More information about the foundations-bugs
mailing list