[ubuntu/karmic-security] xmlrpc-c (delayed), xmlrpc-c 1.06.27-1ubuntu6.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Thu Feb 18 21:03:20 GMT 2010 

xmlrpc-c (1.06.27-1ubuntu6.1) karmic-security; urgency=low

  * SECURITY UPDATE: fix DoS via malformed XML
    - debian/patches/CVE-2009-3720.patch: update expat/xmltok/xmltok_impl.c
      to not access beyond end of input string
    - CVE-2009-3720
  * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
    - debian/patches/CVE-2009-3560.patch: update expat/xmlparse/xmlparse.c to
      properly recognize the end of a token
    - CVE-2009-3560

Date: Tue, 26 Jan 2010 12:58:37 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/xmlrpc-c/1.06.27-1ubuntu6.1
-------------- next part --------------
Format: 1.8
Date: Tue, 26 Jan 2010 12:58:37 -0600
Source: xmlrpc-c
Binary: libxmlrpc-c3-dev libxmlrpc-c3 libxmlrpc-core-c3-dev libxmlrpc-core-c3 xml-rpc-api2cpp xml-rpc-api2txt
Architecture: source
Version: 1.06.27-1ubuntu6.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 libxmlrpc-c3 - A lightweight RPC library based on XML and HTTP for C and C++
 libxmlrpc-c3-dev - A lightweight RPC library based on XML and HTTP for C and C++
 libxmlrpc-core-c3 - A lightweight RPC library based on XML and HTTP (core libraries)
 libxmlrpc-core-c3-dev - A lightweight RPC library based on XML and HTTP (core libraries)
 xml-rpc-api2cpp - Generate C++ wrapper classes for XML-RPC servers
 xml-rpc-api2txt - Dump an XML-RPC API as a text file
Changes: 
 xmlrpc-c (1.06.27-1ubuntu6.1) karmic-security; urgency=low
 .
   * SECURITY UPDATE: fix DoS via malformed XML
     - debian/patches/CVE-2009-3720.patch: update expat/xmltok/xmltok_impl.c
       to not access beyond end of input string
     - CVE-2009-3720
   * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
     - debian/patches/CVE-2009-3560.patch: update expat/xmlparse/xmlparse.c to
       properly recognize the end of a token
     - CVE-2009-3560
Checksums-Sha1: 
 d69201601e260592ee3446298e92508f541a3870 1235 xmlrpc-c_1.06.27-1ubuntu6.1.dsc
 47a16ce004a77dbc748158d102154f44d554825d 8970 xmlrpc-c_1.06.27-1ubuntu6.1.diff.gz
Checksums-Sha256: 
 47bca96ceb7b9850485e54e9029d567d7e4013d5ba89f2f7b5c9e2c8b6580e87 1235 xmlrpc-c_1.06.27-1ubuntu6.1.dsc
 cb6fa8f2b9c323b24a6fa206c509991ebfebc59f2ce76c7ca71b5bd237937f02 8970 xmlrpc-c_1.06.27-1ubuntu6.1.diff.gz
Files: 
 ff5185e7e4f8dd3e28ca8ad37a71bc91 1235 libs optional xmlrpc-c_1.06.27-1ubuntu6.1.dsc
 3c900d470791bc6f96fef9f62ff855a6 8970 libs optional xmlrpc-c_1.06.27-1ubuntu6.1.diff.gz
Original-Maintainer: Sean Finney <seanius at debian.org>

More information about the Karmic-changes mailing list