Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted xerces-c 3.1.4+debian-2+deb9u2 (source) into oldstable
Date: Thu, 17 Dec 2020 12:20:18 +0000
Signed by: Sylvain Beucler <beuc@beuc.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 11 Dec 2020 18:16:07 +0100
Source: xerces-c
Binary: libxerces-c3.1 libxerces-c-dev libxerces-c-doc libxerces-c-samples
Architecture: source
Version: 3.1.4+debian-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: William Blough <devel@blough.us>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
 libxerces-c-dev - validating XML parser library for C++ (development files)
 libxerces-c-doc - validating XML parser library for C++ (documentation)
 libxerces-c-samples - validating XML parser library for C++ (compiled samples)
 libxerces-c3.1 - validating XML parser library for C++
Changes:
 xerces-c (3.1.4+debian-2+deb9u2) stretch-security; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2018-1311 mitigation: fix use-after-free vulnerability when
     processing external DTD, at the expense of a memory leak.  Users may
     mitigate both by setting the XERCES_DISABLE_DTD environment variable.
Checksums-Sha1:
 efcfe04a2e40df15d49f0516cfda129f29bcc4c0 1949 xerces-c_3.1.4+debian-2+deb9u2.dsc
 2bb87f28f1af350811c7e23295ac140fed0df2d6 2376728 xerces-c_3.1.4+debian.orig.tar.gz
 9f4bfbe7be187a541ea28f81710ed954b033d49c 25116 xerces-c_3.1.4+debian-2+deb9u2.debian.tar.xz
 50442a47d7f5804edc1f5284c429fce105e8d676 9696 xerces-c_3.1.4+debian-2+deb9u2_amd64.buildinfo
Checksums-Sha256:
 4056c51e013e4ad5389190291b5f496ea0eb4c6225d5b4ed3cad765a83082918 1949 xerces-c_3.1.4+debian-2+deb9u2.dsc
 4ab6acc4000362322c5f1568cfad32fdb5c49e96a1eaaaefd20f9ca24a406593 2376728 xerces-c_3.1.4+debian.orig.tar.gz
 29fa49018b690efbed61650bb632f0f17212c560107c659e18b42b4a21c55664 25116 xerces-c_3.1.4+debian-2+deb9u2.debian.tar.xz
 e265cb2d7fb1fe2dec00aab5e84cc01b2a019244ecbedc4d515ec570b4c550e0 9696 xerces-c_3.1.4+debian-2+deb9u2_amd64.buildinfo
Files:
 dd615c8c46151cbe04eec7be507dd37f 1949 libs optional xerces-c_3.1.4+debian-2+deb9u2.dsc
 8a4ff3e17fc2e4b76d3c047fe0d511ff 2376728 libs optional xerces-c_3.1.4+debian.orig.tar.gz
 95c74b481f11b2da721fc8ac3aa523fd 25116 libs optional xerces-c_3.1.4+debian-2+deb9u2.debian.tar.xz
 2f8dcd92154ffa01c29d8edb193351e5 9696 libs optional xerces-c_3.1.4+debian-2+deb9u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl/bSegACgkQj/HLbo2J
BZ9lOwf/ctvLVuKK5DAKV0MvBmRkaA7V5O2cRnBeMcsvKdfK0Hg86ibk4f8Zl6ht
9DYd4eHDS5YL7sFuhEoTVoUXih5yYD/R5+NxfgI8BcKBIvv1rGUdELAB0iWbq/lX
Pjx8oAEtyLBsqgUgo3eNGuuLzwYC5PbOFQMZNdfu330jMflwpNIix8F8om+Ud+iA
ROx9t2oB3vzXEUWeSE0EbS28SDmJ4gK6e5+kKtigR2YaRg7/V8xG+oOV34Xc7/nZ
rZX0IcglUfaZQR1PEV3jTapGW8Tjyk51hVQCTiV2ux6J6uJ/xM+vlYsE43s8YWTc
tnkcOcYpc8jY4FRTHg0SNETeFrZ24g==
=n/op
-----END PGP SIGNATURE-----

News for package xerces-c