TEMP-0905332-CB57BF

NameTEMP-0905332-CB57BF
DescriptionDefault KeyInfo resolver doesn't check for empty element content.
SourceAutomatically generated temporary name. Not for external reference.
Debian Bugs905332

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
xml-security-c (PTS)jessie1.7.2-3vulnerable
jessie (security)1.7.2-3+deb8u2fixed
stretch (security), stretch1.7.3-4+deb9u1fixed
buster, sid2.0.2-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
xml-security-csource(unstable)1.7.3-4+deb9u1905332
xml-security-csourceexperimental2.0.1-1
xml-security-csourcejessie1.7.2-3+deb8u1
xml-security-csourcestretch1.7.3-4+deb9u1

Notes

https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-491
https://shibboleth.net/community/advisories/secadv_20180803.txt

Search for package or bug name: Reporting problems