[ubuntu/precise-updates] raptor2 2.0.6-1ubuntu0.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Jul 8 12:58:10 UTC 2013


raptor2 (2.0.6-1ubuntu0.1) precise-security; urgency=low

  * SECURITY UPDATE: arbitrary file disclosure via XML External Entity
    (XXE) attack
    - debian/patches/CVE-2012-0037.patch: Add disabled by default
      loadExternalEntities and RAPTOR_OPTION_LOAD_EXTERNAL_ENTITIES option
      for turning on loading of XML external entities in librdfa/rdfa.c,
      src/raptor2.h.in, src/raptor_libxml.c, src/raptor_option.c,
      src/raptor_rdfxml.c, src/raptor_rss.c, src/raptor_internal.h,
      src/raptor_sax2.c.
    - CVE-2012-0037

Date: 2013-07-04 17:30:26.437685+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/precise/+source/raptor2/2.0.6-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Precise-changes mailing list