1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4265-1] xml-security-c security update

    From Moritz Muehlenhoff@1:229/2 to All on Sun Aug 5 12:50:01 2018
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4265-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 05, 2018 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : xml-security-c
    CVE ID : not yet available

    It was discovered that the Apache XML Security for C++ library performed insufficient validation of KeyInfo hints, which could result in denial
    of service via NULL pointer dereferences when processing malformed XML
    data.

    For the stable distribution (stretch), this problem has been fixed in
    version 1.7.3-4+deb9u1.

    We recommend that you upgrade your xml-security-c packages.

    For the detailed security status of xml-security-c please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/xml-security-c

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAltm1AIACgkQEMKTtsN8 Tja0GA//bsWN1u/r1xwKb3hXH/skHWikiRxmsuswssu84fo/gvtVOkgahnBdtnae PfNoX25g0WJc7NHH+4P0ehOUIxX4Sypm4IWg2/gX6N3SWuut3D+/WF6tobT+7kha bldJ8ZVqISp5Ss36PmH2TnMIBZ7z43XRpShtC2k43qQz1JMfXgslilBKivQcd4Gw 88tGTMdJbyjc7GvOsrgZw/VphR69c3Fe9hW2x1G3Lasd7kV7/ugZDSt34x/R1Ylp 0nC2rFukc698osMBWcxze1FeyBbAraf4cTAZHCexy8Yo74JZeIu2oeirkre4hZqM SzaWJmp0GEru73Y/mJbssMvsE9N5IDm83AD7kz72pyi1Bcaw2axQ4MwuSYKKveiE YsLdAhTXKksvsuQSbP+msKQJEvscrCq/uYzULwqvKcUj3r+AWIzBNzJQVSMG8cad o1GpUfBYabMWzTd2KoX5nBT/WBhtt+KRgH3rdUZZjnsZfUHPcRW8g/esNT5q1pIv h+uFPjXJ/1t0pPKEWc4BgKo9mQbUri4mrrj9azbEWPGeFuWUAQJ6w92Jp+UyKhN3 A3UCAcCsIvlqT4dab1v3FRR2+1GkOTZjB64TuKO9UBGOFjwo5hWxqCTeGKLikwNH yk82xoyaugszGzInkjXaTouIwWw0Bn0JRw5bbWYbvAaupmoWV5A=
    =ItMu
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)