Security update for xml-security-c
rra at debian.org
Thu Jul 7 18:40:33 UTC 2011
Upstream has released a security advisory for XML Security for C++, which
is packaged for Debian as xml-security-c. The upstream advisory is at:
I've uploaded fixed 1.6.1-1 packages to Debian unstable, and have
backported the patch to XML Security for C++ 1.5.1 and prepared packages
for squeeze. I've tested the new library by running through a Shibboleth
authentication and attribute retrieval, but have not gone so far as to try
to reproduce the bug and verify it that way.
Attached is the debdiff between 1.5.1+squeeze1 and 1.5.1. Is this good to
upload to stable-security? (The new packages are built with -sa.)
I'm working on a fix for lenny now.
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 6348 bytes
Desc: not available
More information about the Pkg-shibboleth-devel