[ubuntu/karmic] xml-security-c 1.4.0-4 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Sat Aug 15 17:47:04 BST 2009
xml-security-c (1.4.0-4) unstable; urgency=high
* CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
truncation length. Closes a vulnerability that could allow an
attacker to spoof HMAC-based signatures and bypass authentication.
* Remove duplicate section for libxml-security-c14.
* Update standards version to 3.8.2 (no changes required).
Date: Sat, 15 Aug 2009 17:25:01 +0100
Changed-By: Michael Bienia <michael at bienia.de>
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Origin: Debian/testing
https://launchpad.net/ubuntu/karmic/+source/xml-security-c/1.4.0-4
-------------- next part --------------
Origin: Debian/testing
Format: 1.7
Date: Sat, 15 Aug 2009 17:25:01 +0100
Source: xml-security-c
Binary: libxml-security-c14, libxml-security-c-dev
Architecture: source
Version: 1.4.0-4
Distribution: karmic
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Changed-By: Michael Bienia <michael at bienia.de>
Changes:
xml-security-c (1.4.0-4) unstable; urgency=high
.
* CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
truncation length. Closes a vulnerability that could allow an
attacker to spoof HMAC-based signatures and bypass authentication.
* Remove duplicate section for libxml-security-c14.
* Update standards version to 3.8.2 (no changes required).
Files:
12028cf2a8a899691ddb0fdeaae43ba6 6257 libs extra xml-security-c_1.4.0-4.diff.gz
c375af40c3d02f106d1a8fbfd31db9a0 1350 libs extra xml-security-c_1.4.0-4.dsc
More information about the Karmic-changes
mailing list