Security update for xml-security-c
nico at ngolde.de
Thu Jul 7 20:12:11 UTC 2011
* Russ Allbery <rra at debian.org> [2011-07-07 20:51]:
> Upstream has released a security advisory for XML Security for C++, which
> is packaged for Debian as xml-security-c. The upstream advisory is at:
> I've uploaded fixed 1.6.1-1 packages to Debian unstable, and have
> backported the patch to XML Security for C++ 1.5.1 and prepared packages
> for squeeze. I've tested the new library by running through a Shibboleth
> authentication and attribute retrieval, but have not gone so far as to try
> to reproduce the bug and verify it that way.
> Attached is the debdiff between 1.5.1+squeeze1 and 1.5.1. Is this good to
> upload to stable-security? (The new packages are built with -sa.)
> I'm working on a fix for lenny now.
Looks good (also the lenny update). Please upload to security-master.
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: not available
More information about the Pkg-shibboleth-devel