Bug#714241: xml-security-c: CVE-2013-2210

Salvatore Bonaccorso carnil at debian.org
Fri Jun 28 04:54:38 UTC 2013


Hi Russ,

On Thu, Jun 27, 2013 at 03:29:42PM -0700, Russ Allbery wrote:
> Salvatore Bonaccorso <carnil at debian.org> writes:
> 
> > Could you double check this, and prepare packages for squeeze and
> > wheezy too?
> 
> I've uploaded fixed versions for experimental and unstable.  Here are the
> debdiff patches for wheezy and squeeze.  Permission to upload to the
> security queue?
> 
> Please note that Shibboleth doesn't exercise this part of the code, so I
> don't personally have any application that tests this part of the
> library.  However, the upstream change is fairly simple.

Looks good. Yes please upload to security-master both.

Thanks for your quick update.

Regards,
Salvatore



More information about the Pkg-shibboleth-devel mailing list