[SCM] Debian packaging for XML-Security-C annotated tag, debian/1.6.1-5+deb7u2_bpo60+1, created. debian/1.6.1-5+deb7u2_bpo60+1

Russ Allbery rra at debian.org
Sat Jun 29 21:04:57 UTC 2013 

The annotated tag, debian/1.6.1-5+deb7u2_bpo60+1 has been created
        at  aaee1d533d94d26f5006a480af86dc5b6eb8a56e (tag)
   tagging  d82db95a3446a89a9640948664e725f686332ec9 (commit)
  replaces  debian/1.6.1-5+deb7u1_bpo60+1
 tagged by  Russ Allbery
        on  Sat Jun 29 14:04:21 2013 -0700

- Shortlog ------------------------------------------------------------
Debian release 1.6.1-5+deb7u2~bpo60+1

Format: 1.8
Date: Tue, 18 Jun 2013 10:39:10 -0700
Source: xml-security-c
Binary: libxml-security-c16 libxml-security-c-dev
Architecture: source i386
Version: 1.6.1-5+deb7u2~bpo60+1
Distribution: squeeze-backports
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Changed-By: Russ Allbery <rra at debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c16 - C++ library for XML Digital Signatures (runtime)
Closes: 714241
Changes:
 xml-security-c (1.6.1-5+deb7u2~bpo60+1) squeeze-backports; urgency=high
 .
   * Backport to oldstable.
   * Revert the change to use multiarch and force a non-multiarch libdir.
   * Relax versioned dependency on libssl-dev to build on squeeze.
 .
 xml-security-c (1.6.1-5+deb7u2) stable-security; urgency=high
 .
   * The attempted fix to address CVE-2013-2154 introduced the possibility
     of a heap overflow, possibly leading to arbitrary code execution, in
     the processing of malformed XPointer expressions in the XML Signature
     Reference processing code.  Apply upstream patch to fix that heap
     overflow.  (Closes: #714241, CVE-2013-2210)
Checksums-Sha1:
 b155274c7ab371ff383d921c470f2df16600fb32 1743 xml-security-c_1.6.1-5+deb7u2~bpo60+1.dsc
 ac091a646ca7d2d9097e5f18c47512493021e1b2 12572 xml-security-c_1.6.1-5+deb7u2~bpo60+1.debian.tar.gz
 a31a62166de332724aef737bbdda960c096c0306 384488 libxml-security-c16_1.6.1-5+deb7u2~bpo60+1_i386.deb
 e0d2a4dc269b37163e511e1c696d8bee6f550eb4 151404 libxml-security-c-dev_1.6.1-5+deb7u2~bpo60+1_i386.deb
Checksums-Sha256:
 8da62d81f133460d687ec046dae67a794b05fdf8b11fd0db97930cd098d7d1e6 1743 xml-security-c_1.6.1-5+deb7u2~bpo60+1.dsc
 5b89b36598db3896682014b14a9dc173a4ca4ac00ab6afceeba34606c54dcb8f 12572 xml-security-c_1.6.1-5+deb7u2~bpo60+1.debian.tar.gz
 0cea5e2d1b27c023a5648182ca94caa354143821965a51397450493a82472988 384488 libxml-security-c16_1.6.1-5+deb7u2~bpo60+1_i386.deb
 e1ed07c7446f50aeb44cc3667c9a80a1d37d3cfc0d339f86a3b11086924ee130 151404 libxml-security-c-dev_1.6.1-5+deb7u2~bpo60+1_i386.deb
Files:
 9d9dec491431b7f20dd9e1d1d59f352a 1743 libs extra xml-security-c_1.6.1-5+deb7u2~bpo60+1.dsc
 8e3dd81068339452f4b2c17410d56d09 12572 libs extra xml-security-c_1.6.1-5+deb7u2~bpo60+1.debian.tar.gz
 829e1f43077c64107494a919738af81d 384488 libs extra libxml-security-c16_1.6.1-5+deb7u2~bpo60+1_i386.deb
 efbac6cc2111dfff7c650626dcbfe0b3 151404 libdevel extra libxml-security-c-dev_1.6.1-5+deb7u2~bpo60+1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAABCAAGBQJRz0vtAAoJEH2AMVxXNt51Z30IALtjdJaA89vsS4vEEScWMdou
DwUVaNrq9yWQmhu3CEQuHeShU4VdSMzEJn9fHNel1nDX5fejBP1b4oO0cfZG6Q5M
mbRNsL1zoqp1aAjttheJ9v4wGX3EtOPPjoIAzErIemoAJ+8ZI43b87Wgab7Qd2Dh
pu0ijAIOu0N/cpAlSG4FSdASTk9ORJLI/vuTQcyLW5boz1r0UrpBSUIZiBIDg8yr
4Bwsym7mKKHUgeRFZZ2WXIO2vjarQuw9A1MIBlKFTv/4lGKUurhIdCMu+AhnEwI7
8j4qQ86JBaocEl8lMWYkGAvZh6xasSXu+rvJQ68zbAfo8s/sFbQAPr11FXzuhPI=
=Roky
-----END PGP SIGNATURE-----

Russ Allbery (1):
      Apply upstream patch for heap overflow (CVE-2013-2210)

-----------------------------------------------------------------------

-- 
Debian packaging for XML-Security-C

More information about the Pkg-shibboleth-devel mailing list