it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 4265-1] xml-security-c security update
- Date: Sun, 5 Aug 2018 10:44:48 +0000
- List-archive: https://lists.debian.org/msgid-search/20180805104448.iezqw6exhjybplju AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Sun, 5 Aug 2018 10:45:40 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <CyLaSSILQEJ.A.2SE.UVtZbB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4265-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 05, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : xml-security-c
CVE ID : not yet available
It was discovered that the Apache XML Security for C++ library performed
insufficient validation of KeyInfo hints, which could result in denial
of service via NULL pointer dereferences when processing malformed XML
data.
For the stable distribution (stretch), this problem has been fixed in
version 1.7.3-4+deb9u1.
We recommend that you upgrade your xml-security-c packages.
For the detailed security status of xml-security-c please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xml-security-c
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAltm1AIACgkQEMKTtsN8
Tja0GA//bsWN1u/r1xwKb3hXH/skHWikiRxmsuswssu84fo/gvtVOkgahnBdtnae
PfNoX25g0WJc7NHH+4P0ehOUIxX4Sypm4IWg2/gX6N3SWuut3D+/WF6tobT+7kha
bldJ8ZVqISp5Ss36PmH2TnMIBZ7z43XRpShtC2k43qQz1JMfXgslilBKivQcd4Gw
88tGTMdJbyjc7GvOsrgZw/VphR69c3Fe9hW2x1G3Lasd7kV7/ugZDSt34x/R1Ylp
0nC2rFukc698osMBWcxze1FeyBbAraf4cTAZHCexy8Yo74JZeIu2oeirkre4hZqM
SzaWJmp0GEru73Y/mJbssMvsE9N5IDm83AD7kz72pyi1Bcaw2axQ4MwuSYKKveiE
YsLdAhTXKksvsuQSbP+msKQJEvscrCq/uYzULwqvKcUj3r+AWIzBNzJQVSMG8cad
o1GpUfBYabMWzTd2KoX5nBT/WBhtt+KRgH3rdUZZjnsZfUHPcRW8g/esNT5q1pIv
h+uFPjXJ/1t0pPKEWc4BgKo9mQbUri4mrrj9azbEWPGeFuWUAQJ6w92Jp+UyKhN3
A3UCAcCsIvlqT4dab1v3FRR2+1GkOTZjB64TuKO9UBGOFjwo5hWxqCTeGKLikwNH
yk82xoyaugszGzInkjXaTouIwWw0Bn0JRw5bbWYbvAaupmoWV5A=
=ItMu
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 4265-1] xml-security-c security update, Moritz Muehlenhoff, 05.08.2018
Archiv bereitgestellt durch MHonArc 2.6.19.