[SCM] Debian packaging for XML-Security-C branch, master, updated. debian/1.6.0-2-6-g508773a
Russ Allbery
rra at debian.org
Thu Jul 7 16:19:40 UTC 2011
The following commit has been merged in the master branch:
commit 2d3877d497f85f0180b198846c3c3b8a72e8d719
Author: Russ Allbery <rra at debian.org>
Date: Thu Jul 7 08:48:05 2011 -0700
Add changelog for upstream 1.6.1 release
diff --git a/debian/changelog b/debian/changelog
index b89a1c8..f80d66a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,15 @@
xml-security-c (1.6.1-1) UNRELEASED; urgency=low
+ * New upstream release.
+ - DSIGObject::load method crashes for ds:Object without Id attribute
+ - Buffer overflow when signing or verifying files with big asymmetric
+ keys (Closes: #632973, CVE-2011-2516)
+ - Memory bug inside XENCCipherImpl::deSerialise
+ - Function cleanURIEscapes always throws XSECException, when any
+ escape sequence occurs
+ - Function isHexDigit doesn't recognize invalid escape sequences
+ - Percent-encoded multibyte (UTF-8) sequences unrecognized
+ - RSA-OAEP handler only allows SHA-1 digests
* Update debian/watch for the new organization of Apache downloads.
-- Russ Allbery <rra at debian.org> Thu, 07 Jul 2011 08:42:55 -0700
--
Debian packaging for XML-Security-C
More information about the Pkg-shibboleth-devel
mailing list