-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 24 Jul 2009 15:02:55 -0700 Source: xml-security-c Binary: libxml-security-c14 libxml-security-c-dev Architecture: source i386 Version: 1.4.0-4 Distribution: unstable Urgency: high Maintainer: Debian Shib Team <pkg-shibboleth-de...@lists.alioth.debian.org> Changed-By: Russ Allbery <r...@debian.org> Description: libxml-security-c-dev - C++ library for XML Digital Signatures (development) libxml-security-c14 - C++ library for XML Digital Signatures (runtime) Changes: xml-security-c (1.4.0-4) unstable; urgency=high . * CVE-2009-0217: Apply upstream patch to sanity-check the HMAC truncation length. Closes a vulnerability that could allow an attacker to spoof HMAC-based signatures and bypass authentication. * Remove duplicate section for libxml-security-c14. * Update standards version to 3.8.2 (no changes required). Checksums-Sha1: c33fb7ce8b404624e312c22c8469afce10d66420 1350 xml-security-c_1.4.0-4.dsc 476ff6791d25f0bac1387c4d84a901142cbbc7a0 6257 xml-security-c_1.4.0-4.diff.gz aee56c9cf0f0ee08460dbcb55ca4ba87c9774b6f 367778 libxml-security-c14_1.4.0-4_i386.deb 9f472e57fa41be2a173639d1b77ccaebb58b78ba 139684 libxml-security-c-dev_1.4.0-4_i386.deb Checksums-Sha256: d0e30da2a99e89ffc3521205424faf4bc1778137572c5fc698566d394f4d192e 1350 xml-security-c_1.4.0-4.dsc 496f9600fbeff13c63fdc8ac1b287a9927d5f05112ba3d7ac8ee1d8dc6cc587b 6257 xml-security-c_1.4.0-4.diff.gz 7a1a9e0b8e8cfffe47de0cb6e8808149e7bb7e5b46a29442a6bb906e6999f576 367778 libxml-security-c14_1.4.0-4_i386.deb 933d750e139c55d9cf0602b05ced6ecbde350d6b5d82b79e0951d6cb617cfdd5 139684 libxml-security-c-dev_1.4.0-4_i386.deb Files: c375af40c3d02f106d1a8fbfd31db9a0 1350 libs extra xml-security-c_1.4.0-4.dsc 12028cf2a8a899691ddb0fdeaae43ba6 6257 libs extra xml-security-c_1.4.0-4.diff.gz a0fb1466234a8f3b0fd61f4d80fc4435 367778 libs extra libxml-security-c14_1.4.0-4_i386.deb 7b8523b3ccef3986778fdf552e765591 139684 libdevel extra libxml-security-c-dev_1.4.0-4_i386.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkpqNg0ACgkQ+YXjQAr8dHaDEACdEkLBQqdqUWtmixm7P+MdTYee e/QAn2VONWtapWMA7KYW1oucty5M8RW4 =mwRc -----END PGP SIGNATURE----- Accepted: libxml-security-c-dev_1.4.0-4_i386.deb to pool/main/x/xml-security-c/libxml-security-c-dev_1.4.0-4_i386.deb libxml-security-c14_1.4.0-4_i386.deb to pool/main/x/xml-security-c/libxml-security-c14_1.4.0-4_i386.deb xml-security-c_1.4.0-4.diff.gz to pool/main/x/xml-security-c/xml-security-c_1.4.0-4.diff.gz xml-security-c_1.4.0-4.dsc to pool/main/x/xml-security-c/xml-security-c_1.4.0-4.dsc -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org