[SCM] Debian packaging for XML-Security-C annotated tag, debian/1.6.1-6, created. debian/1.6.1-6

Russ Allbery rra at debian.org
Tue Jun 18 05:44:51 UTC 2013 

The annotated tag, debian/1.6.1-6 has been created
        at  f0ac2e37bb7c3f96090144cc5ded091c854a2814 (tag)
   tagging  b746ed0682ae68d877ef6b5c83065c9e0af34efa (commit)
  replaces  debian/1.6.1-5
 tagged by  Russ Allbery
        on  Mon Jun 17 22:43:39 2013 -0700

- Shortlog ------------------------------------------------------------
Debian release 1.6.1-6

Format: 1.8
Date: Mon, 17 Jun 2013 22:25:32 -0700
Source: xml-security-c
Binary: libxml-security-c16 libxml-security-c-dev
Architecture: source i386
Version: 1.6.1-6
Distribution: unstable
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Changed-By: Russ Allbery <rra at debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c16 - C++ library for XML Digital Signatures (runtime)
Changes:
 xml-security-c (1.6.1-6) unstable; urgency=high
 .
   * Apply upstream patch to fix a spoofing vulnerability that allows an
     attacker to reuse existing signatures with arbitrary content.
     (CVE-2013-2153)
   * Apply upstream patch to fix a stack overflow in the processing of
     malformed XPointer expressions in the XML Signature Reference
     processing code.  (CVE-2013-2154)
   * Apply upstream patch to fix processing of the output length of an
     HMAC-based XML Signature that could cause a denial of service when
     processing specially chosen input.  (CVE-2013-2155)
   * Apply upstream patch to fix a heap overflow in the processing of the
     PrefixList attribute optionally used in conjunction with Exclusive
     Canonicalization, potentially allowing arbitrary code execution.
     (CVE-2013-2156)
Checksums-Sha1:
 7d5f77229ba8baecb55ee651a99828a04346e914 1245 xml-security-c_1.6.1-6.dsc
 461ca76f00d5bc93bf4f8b4b1b2f610e2a538559 11710 xml-security-c_1.6.1-6.debian.tar.gz
 8cb9168d96ee39c928f8e8b299e4c0e23b8ff703 369536 libxml-security-c16_1.6.1-6_i386.deb
 f5c6826e8726831f1e21a0fa2bc244c11a37e0ba 151214 libxml-security-c-dev_1.6.1-6_i386.deb
Checksums-Sha256:
 292c6b003aa0de95593461ddd8aaece722d8b79a28bbb0013a3a3ce13bd0d4a2 1245 xml-security-c_1.6.1-6.dsc
 da3a4a694679319645aaf8a68cd95d0958b0fdf9b226655048a5be77faac5330 11710 xml-security-c_1.6.1-6.debian.tar.gz
 a6d85dcf7c716ce53a9a3e3d15868455c9e97a8d7d7e55ff01fe51aa4c569d7d 369536 libxml-security-c16_1.6.1-6_i386.deb
 de89b954941647b8cd1cf31366b87306391a431d514173b8bcf6dcfa5a770d34 151214 libxml-security-c-dev_1.6.1-6_i386.deb
Files:
 bc22772d002f1fee985a43585335d0d4 1245 libs extra xml-security-c_1.6.1-6.dsc
 ef0a096023f4fd1509a522d53dd39ffb 11710 libs extra xml-security-c_1.6.1-6.debian.tar.gz
 e582ebb337b3162556b8accea649bc72 369536 libs extra libxml-security-c16_1.6.1-6_i386.deb
 858ea72ce94a2d4bab88dd2eec1481ac 151214 libdevel extra libxml-security-c-dev_1.6.1-6_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAABCAAGBQJRv/OeAAoJEH2AMVxXNt510FoH/iD3nuY+Z2O7Nn7m4q6h/4CS
VzdSlmq4g079LUcJm+5jumfc7GvKMW/UZvAi8p8nbNbebeCH+NBl7rCYOEVzT9UN
RROwJS84LtLtWccbZcPXLNXjxR4ArFbuCvSFlUkMVfoigyUNuAJVtiNX2dRRJ5y5
ECAtcBKGGe1nnC1P8zA1nn3khulsxlUAffKqcsNfmLJuldYpO/ixrWDESDwAjiwd
wflbCNA4Vm3c+whQXKtjDMVuiH7Y7ym4fP2Q/BnH8Qwy33Ztecw6usgCpNpvAXCI
Tq6/pVpBD/dEPGEZ8R9DAHUwp1j6KcXcn8sCuxVrGVeF9s8UB4ZrVMZtX7SUk+s=
=KEuO
-----END PGP SIGNATURE-----

Russ Allbery (1):
      Apply upstream security patches

-----------------------------------------------------------------------

-- 
Debian packaging for XML-Security-C

More information about the Pkg-shibboleth-devel mailing list