xmltooling_1.6.4-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Wed Feb 28 11:37:29 UTC 2018
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 28 Feb 2018 10:39:05 +0100
Source: xmltooling
Binary: libxmltooling7 libxmltooling-dev xmltooling-schemas libxmltooling-doc
Architecture: source
Version: 1.6.4-1
Distribution: unstable
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi at debian.org>
Description:
libxmltooling-dev - C++ XML parsing library with encryption support (development)
libxmltooling-doc - C++ XML parsing library with encryption support (API docs)
libxmltooling7 - C++ XML parsing library with encryption support (runtime)
xmltooling-schemas - XML schemas for XMLTooling
Changes:
xmltooling (1.6.4-1) unstable; urgency=high
.
* [6c27b19] New upstream security release 1.6.4
DSA-4126-1, CVE-2018-0489: additional data forgery flaws
These flaws allow for changes to an XML document that do not break a
digital signature but alter the user data passed through to applications
enabling impersonation attacks and exposure of protected information.
https://shibboleth.net/community/advisories/secadv_20180227.txt
https://issues.shibboleth.net/jira/browse/CPPXT-128
* [621ab19] Refresh our patches
Checksums-Sha1:
55a70570b7ff2805349a1dd0a05e5f7cedf2d239 2462 xmltooling_1.6.4-1.dsc
dea065379b611bbc0f1e9320fcb36662c7884d8a 581796 xmltooling_1.6.4.orig.tar.bz2
caa17312e4529c4a991bc447d899017b95ae3a51 71596 xmltooling_1.6.4-1.debian.tar.xz
2eaaad54cef5c67ff2c5575b013e8c9bf77211a9 9589 xmltooling_1.6.4-1_amd64.buildinfo
Checksums-Sha256:
0caa468b564644d5f355ca2ed6807ed92d43babcef2afd494f08cf039fe71972 2462 xmltooling_1.6.4-1.dsc
4c0c4a08b8c55f1210673281f37fc95b6d1d365a8cdc726fd189dea96c45efca 581796 xmltooling_1.6.4.orig.tar.bz2
d9c12fa2723995d083382fe4798b801e4d3b05b90a9026140a375a39d06a5bae 71596 xmltooling_1.6.4-1.debian.tar.xz
0e3939bacbcd82a1576b16e084f24cecaca950c394948ea70f7e905101ea133a 9589 xmltooling_1.6.4-1_amd64.buildinfo
Files:
e44342f1fd7f88492bcae10cd6581a2c 2462 libs optional xmltooling_1.6.4-1.dsc
27dca3e406526430c465ce2582ea9ea1 581796 libs optional xmltooling_1.6.4.orig.tar.bz2
067ac8cd65422f0c05b2ff9981b8f2f8 71596 libs optional xmltooling_1.6.4-1.debian.tar.xz
02c018b87d2e96360f56af5ce66c7900 9589 libs optional xmltooling_1.6.4-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEwddEx0RNIUL7eugtOsj3Fkd+2yMFAlqWj4kACgkQOsj3Fkd+
2yOvwg//ec5QNcHcwBwaZ/xQQp0maCKyC9Sl2yCVLpnvnJXdu7kp7s7FuJ485TxL
QH8Jh+rl1K15kgkYbev1/4EmL1wGvFmnYVGPebPxhHt3IQZqRWarwTWnNaPwqxYG
QDNGlXa+OMTeGlZZDxI4SoNHbni2HxmSu9FfpnrU8EBZfOxS06ohh6REdPvgXh0n
tSWJxC1lrvJZof3ltjhrg9GBr+4LJ6/WPq1xRr2u3P++8MIsF9ZbFwyzDE/y7Q/2
m6H12l01n0Pn76Kn4vmKEONDtiajWoEXNGFnMaQz9EK9w5UqUc6nafzvmMgB0QIH
/I32ruW1nxNwAJxlOqWlruSrJDi1wh2L+fj8twtRwXYwwgylno/6HzObC32rCpC2
kPmGnoiN7qZgUdf7NgzwpHLfLQGzKuu+S3TjKcjMcTYVD1zREUTmXXslQjW4af12
Qj91xpYvIsJRyl8yhyWspJyOXKVXwbyxgaG3+zueQR2Gq7eqSkLB6/DYOKPuQu25
hF+kAaNBd7KSUxtVCPvKSZN51Vi3sHyJics3pNJvV+J3XuaQ9oSYP49tduclm8fX
pydOyzAywTn+ywc+lOOvCMte38y0AxZz/Hynl7AQ//yUcfz+3vUxt3/qFNaRm7gC
thU724cADAlWfL2HFYtxGaEu3k9p+XZrwZBbhssfTkeqXnzuxz0=
=F9P5
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-shibboleth-devel
mailing list