[ubuntu/karmic] xml-security-c 1.4.0-4 (Accepted)

Ubuntu Installer archive at ubuntu.com
Sat Aug 15 17:47:04 BST 2009


xml-security-c (1.4.0-4) unstable; urgency=high

  * CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
    truncation length.  Closes a vulnerability that could allow an
    attacker to spoof HMAC-based signatures and bypass authentication.
  * Remove duplicate section for libxml-security-c14.
  * Update standards version to 3.8.2 (no changes required).

Date: Sat,  15 Aug 2009 17:25:01 +0100
Changed-By: Michael Bienia <michael at bienia.de>
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Origin: Debian/testing
https://launchpad.net/ubuntu/karmic/+source/xml-security-c/1.4.0-4
-------------- next part --------------
Origin: Debian/testing
Format: 1.7
Date: Sat,  15 Aug 2009 17:25:01 +0100
Source: xml-security-c
Binary: libxml-security-c14, libxml-security-c-dev
Architecture: source
Version: 1.4.0-4
Distribution: karmic
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Changed-By: Michael Bienia <michael at bienia.de>
Changes: 
 xml-security-c (1.4.0-4) unstable; urgency=high
 .
   * CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
     truncation length.  Closes a vulnerability that could allow an
     attacker to spoof HMAC-based signatures and bypass authentication.
   * Remove duplicate section for libxml-security-c14.
   * Update standards version to 3.8.2 (no changes required).
Files: 
 12028cf2a8a899691ddb0fdeaae43ba6 6257 libs extra xml-security-c_1.4.0-4.diff.gz
 c375af40c3d02f106d1a8fbfd31db9a0 1350 libs extra xml-security-c_1.4.0-4.dsc


More information about the Karmic-changes mailing list