xmltooling 3.0.2-1ubuntu1.1 source package in Ubuntu

Changelog

xmltooling (3.0.2-1ubuntu1.1) cosmic-security; urgency=high

  * SECURITY UPDATE: uncaught exception on malformed XML declaration
    Invalid data in the XML declaration causes an exception of a type that
    was not handled properly in the parser class and propagates an
    unexpected exception type.
    This generally manifests as a crash in the calling code, which in the
    Service Provider software's case is usually the shibd daemon process,
    but can be Apache in some cases. Note that the crash occurs prior to
    evaluation of a message's authenticity, so can be exploited by an
    untrusted attacker.
    - debian/patches/CVE-2019-9628.patch
    - CVE-2019-9628
    - https://shibboleth.net/community/advisories/secadv_20190311.txt
    - LP: #1819912

 -- Etienne Dysli Metref <email address hidden>  Thu, 14 Mar 2019 11:56:34 +0100

Upload details

Uploaded by:
Etienne Dysli Metref on 2019-03-21
Sponsored by:
Eduardo dos Santos Barretto
Uploaded to:
Cosmic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Cosmic updates on 2019-03-26 universe libs
Cosmic security on 2019-03-26 universe libs

Downloads

File Size SHA-256 Checksum
xmltooling_3.0.2.orig.tar.bz2 582.5 KiB 5709cf30c9d7cfc786599ac2433653fac8cc64d425781068af86019c8ce8d689
xmltooling_3.0.2.orig.tar.bz2.asc 833 bytes ef899ca5036744808e49768da1d3060eaef156f187c288abb147a4ee308cba70
xmltooling_3.0.2-1ubuntu1.1.debian.tar.xz 52.7 KiB 0bdc75f1c53e247927c4adcd1292b8bf53f0135286100dcd3e0efb861822170d
xmltooling_3.0.2-1ubuntu1.1.dsc 2.7 KiB 34b2b3d308e0dd4060a2b4616593b12069d74294e3e3e773b4708d7fb0823533

View changes file

Binary packages built by this source

libxmltooling-dev: C++ XML parsing library with encryption support (development)

 The XMLTooling library contains generic XML parsing and
 processing classes based on the Xerces-C DOM. It adds more powerful facilities
 for declaring element- and type-specific API and implementation classes, as
 well as signing and encryption support.
 .
 This package contains the headers and other necessary files to build
 applications or libraries that use or extend the XMLTooling library.

libxmltooling-doc: C++ XML parsing library with encryption support (API docs)

 The XMLTooling library contains generic XML parsing and
 processing classes based on the Xerces-C DOM. It adds more powerful facilities
 for declaring element- and type-specific API and implementation classes, as
 well as signing and encryption support.
 .
 This package contains the XMLTooling library API documentation generated
 by Doxygen.

libxmltooling8: C++ XML parsing library with encryption support (runtime)

 The XMLTooling library contains generic XML parsing and
 processing classes based on the Xerces-C DOM. It adds more powerful facilities
 for declaring element- and type-specific API and implementation classes, as
 well as signing and encryption support.
 .
 This package contains the files necessary for running applications that
 use the XMLTooling library.

libxmltooling8-dbgsym: debug symbols for libxmltooling8
xmltooling-schemas: XML schemas for XMLTooling

 The XMLTooling library contains generic XML parsing and
 processing classes based on the Xerces-C DOM. It adds more powerful facilities
 for declaring element- and type-specific API and implementation classes, as
 well as signing and encryption support.
 .
 This package contains the XML schema files used by the XMLTooling
 library.