[ubuntu/precise-security] xmlrpc-c 1.16.33-3.1ubuntu5.1 (Accepted)

Tyler Hicks tyhicks at canonical.com
Mon Sep 10 20:43:16 UTC 2012

xmlrpc-c (1.16.33-3.1ubuntu5.1) precise-security; urgency=low

  * Run the tests as part of the build process
    - debian/patches/FTBFS-tests.patch: Fix issues when running make check.
      Based on upstream patches.
    - debian/rules: Run make check after building
  * Fix dependencies of xmlrpc-api-utils
    - debian/control: xml-rcp-api2cpp needs libxmlrpc_cpp.so.4, so depend on
  * SECURITY UPDATE: Denial of service via hash collisions
    - debian/patches/CVE-2012-0876.patch: Add random salt value to
      hash inputs. Based on upstream patch.
    - CVE-2012-0876
  * SECURITY UPDATE: Denial of service via memory leak
    - debian/patches/CVE-2012-1148.patch: Properly reallocate memory.
      Based on upstream patch.
    - CVE-2012-1148

Date: 2012-09-10 08:15:23.708056+00:00
Changed-By: Tyler Hicks <tyhicks at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list