[Santuario] bug-fix for xml-security-c

Andres Sanchez Mendivelso andres.sanchez at smartmatic.com
Tue Sep 5 15:24:40 UTC 2017

Hey guys,

I hope this is the proper way to report a bug in one of the packages you're maintaining on Ubuntu 14.04. We found an issue on the XSECSafeBuffer compilation unit, in the Santuario project (xml-security-c package).

The fix has already been applied over the project's upstream, after we contacted one of the developers. You can see the comment over here: https://github.com/apache/santuario-cpp/pull/2.

You may find attached to this message a patch file with the fix.



Bug fix at the XSECSafeBuffer compilation unit by ansa256 · Pull Request #2 · apache/santuario-cpp<https://github.com/apache/santuario-cpp/pull/2>
Fix an outstanding issue on the safeBuffer class when catenating char* strings. The target buffer size was smaller than expected, potentially causing memory corruptions when appending to the intern...

Andrés Sánchez
Software Engineer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-shibboleth-devel/attachments/20170905/ec0bbd71/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: safe-buffer-length-fix.patch
Type: text/x-patch
Size: 461 bytes
Desc: safe-buffer-length-fix.patch
URL: <http://lists.alioth.debian.org/pipermail/pkg-shibboleth-devel/attachments/20170905/ec0bbd71/attachment.bin>

More information about the Pkg-shibboleth-devel mailing list