Ubuntu
xml-light package

  1. Bug #1186860
  2. Comment #8

Comment 8 for bug 1186860

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package xml-light - 2.2-12ubuntu0.12.04.1

---------------
xml-light (2.2-12ubuntu0.12.04.1) precise-security; urgency=low

  * SECURITY-UPDATE: Fix to prevent hash collision attack (LP: #1186860)
    - debian/patches/05_CVE_2012_3514.dpatch: dtd.ml: Use Map(String) instead
      of Hash for DTD proof. Based on upstream patch.
    - CVE-2012-3514
 -- Christian Kuersteiner <email address hidden> Wed, 05 Jun 2013 13:38:23 +0700