Bug#714241: xml-security-c: CVE-2013-2210
Russ Allbery
rra at debian.org
Thu Jun 27 17:26:24 UTC 2013
Salvatore Bonaccorso <carnil at debian.org> writes:
> the following vulnerability was published for xml-security-c. It looks
> the fix for CVE-2013-2154 introduced the possibility of a heap overflow.
> CVE-2013-2210[0]:
> heap overflow during XPointer evaluation
Yeah, thanks -- working on this today. I was going to work on it
yesterday but then something else I was working on didn't go as planned.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-shibboleth-devel
mailing list