Bug#913136: xml-security-c: DSA verification crashes OpenSSL on invalid combinations of key content
wferi at debian.org
Wed Nov 7 11:50:51 GMT 2018
Tags: patch upstream security
Control: fixed 2.0.2-1
Particular KeyInfo combinations result in incomplete DSA key structures
that OpenSSL can't handle without crashing.
Very similar to #905332.
More information about the Pkg-shibboleth-devel