Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To:
Subject: Accepted xerces-c 3.2.2+debian-1+deb10u1 (source) into stable->embargoed, stable
Date: Thu, 17 Dec 2020 07:17:24 +0000
Signed by: Sylvain Beucler <beuc@beuc.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 15 Dec 2020 15:55:44 +0100
Source: xerces-c
Architecture: source
Version: 3.2.2+debian-1+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: William Blough <bblough@debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Changes:
 xerces-c (3.2.2+debian-1+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2018-1311 mitigation: fix use-after-free vulnerability when
     processing external DTD, at the expense of a memory leak.  Users may
     mitigate both by setting the XERCES_DISABLE_DTD environment variable.
Checksums-Sha1:
 d781c92966fb6bd60eb3211f0ef9870b4944ebaf 1944 xerces-c_3.2.2+debian-1+deb10u1.dsc
 8d4e3443ee9f6511ed9ff5434e03a42cde0633b9 2513427 xerces-c_3.2.2+debian.orig.tar.gz
 f4bab5503f6f024f2284ee55ddeca2d9d9e09c7d 22700 xerces-c_3.2.2+debian-1+deb10u1.debian.tar.xz
 d414cb4bd8d416d8b076ea545a3a70e672091fd7 9717 xerces-c_3.2.2+debian-1+deb10u1_amd64.buildinfo
Checksums-Sha256:
 9494673a337d1da333df70f37a6d7c501df6b38f6cd0d05346f853ffbb4ac8d6 1944 xerces-c_3.2.2+debian-1+deb10u1.dsc
 98f9ece846b7858aad8243b066d3bf726abd72ccb93735b858a1b927fc7cdaca 2513427 xerces-c_3.2.2+debian.orig.tar.gz
 a5288c40614b28164ab7bcd24164f88d988791aafc8e1ee5b61d52132de229d1 22700 xerces-c_3.2.2+debian-1+deb10u1.debian.tar.xz
 8852447e97eab66d9dab148289ad8b8134c3943bd42a16a80232173cf72005a2 9717 xerces-c_3.2.2+debian-1+deb10u1_amd64.buildinfo
Files:
 64acd69941d582485b63c1bef01d3e51 1944 libs optional xerces-c_3.2.2+debian-1+deb10u1.dsc
 1a18af37abf1077afd8c0e5e7a23ba44 2513427 libs optional xerces-c_3.2.2+debian.orig.tar.gz
 7ada60c1c507d7734f16974d5ce7fa18 22700 libs optional xerces-c_3.2.2+debian-1+deb10u1.debian.tar.xz
 b0ac5e4e7b9de5b58e1c884272a5b03a 9717 libs optional xerces-c_3.2.2+debian-1+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl/Y1XwACgkQj/HLbo2J
BZ//4ggAoAcEZU6LyqCnl6fiE3ugdrQ2W2L24GvhD1BeJKnimCHS//InMI7rK9oV
5QcChFEO1jbY5fN+FBCzb0fqvn1YYeP0PGwgVjiwxtwXFHhx98x/3XZqUeEvNxSQ
Gysj+n/CB/kKN7BzO7e6DU1tWmdKdQZfh3+WNSZrHl6hFEkVQprKtjoag/WvyeWV
nz/Skd7EXRurgbN0Z7OAFsXNiR/1T0rlx1DkgkfJwhmH+aVj3vOC3nH07d2EAcU8
ixqk/BdSo4Xr4M4SZ3FgBN+fm2d1FuC5Q6B9a0D+FmxcTR+FICfLhLExtUPUi5CF
z6gU8JNE7cW/HVhMJlmyOxfbSBPXAw==
=s9zT
-----END PGP SIGNATURE-----

News for package xerces-c