-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 21 Jan 2014 21:44:08 +0100 Source: libmarc-xml-perl Binary: libmarc-xml-perl Architecture: source all Version: 1.0.2-1 Distribution: unstable Urgency: medium Maintainer: Debian Perl Group <pkg-perl-maintainers@lists.alioth.debian.org> Changed-By: gregor herrmann <gregoa@debian.org> Description: libmarc-xml-perl - Perl library to access MARC data encoded as XML Closes: 736275 Changes: libmarc-xml-perl (1.0.2-1) unstable; urgency=medium . * Team upload. . * New upstream release. Fixes XXE vulnerability: - MARC::File::XML will now die upon parsing a record that declares an external entity and tries to use it. This prevents the potential unwanted disclosure of the contents of files on the server by applications that embed this module. Closes: #736275 * Update years of packaging copyright. * Declare compliance with Debian Policy 3.9.5. Checksums-Sha1: 8f5c6afbbd25c09b07cbc692ed3826aee5b3d9ac 2192 libmarc-xml-perl_1.0.2-1.dsc 0b4dd5b7b6a9065cc52220fc8e52ac7522a8239b 18057 libmarc-xml-perl_1.0.2.orig.tar.gz 8be9e893ad39e6c0c6a4399dee4931d6886b9674 3448 libmarc-xml-perl_1.0.2-1.debian.tar.xz c86154a35c1487c1ce41d6952a5c915911f27f22 21184 libmarc-xml-perl_1.0.2-1_all.deb Checksums-Sha256: 16b32a32030314498d7e5e5ae43196e7838deb16702a820672a17a70de1bfbf7 2192 libmarc-xml-perl_1.0.2-1.dsc 65705e0c0eb77b67a65937274f5ef4e2138c76b9ecdf6fcc1a44de241096c33e 18057 libmarc-xml-perl_1.0.2.orig.tar.gz f394b825321ecb954665fe848c87829fa9e8afc60b97f0249d7165afd914ecc3 3448 libmarc-xml-perl_1.0.2-1.debian.tar.xz a14e8cb3eb09eeab285fc24b285add804ab63de4514066cd5d67213a92908208 21184 libmarc-xml-perl_1.0.2-1_all.deb Files: 1dc5c136b52f00f9e329d9947009631c 2192 perl optional libmarc-xml-perl_1.0.2-1.dsc 86c2e1c7254f5f9388d541ae33318718 18057 perl optional libmarc-xml-perl_1.0.2.orig.tar.gz 4d5acf54353ebeeffbeb56c3c9a193ce 3448 perl optional libmarc-xml-perl_1.0.2-1.debian.tar.xz 75b17bdbc993e607d9027eeaa68e9eb0 21184 perl optional libmarc-xml-perl_1.0.2-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJS3ty0AAoJELs6aAGGSaoGpx4P/37JMCsX4zLhHCGt0UeKcxaJ IdAkHVGoQyTcRSrFCt9fuk/z8iDB1MjdQitTtjD6h7ibQc3kqcvb2l88awG/Zi/a S5WEoMLcUTcx9Ue5tXpYZChtdsfJfS75UlIdiyZCP2XS/q3SUP+j24VvL/FkzNiQ o/dnjenot7Nyx3o7iOKwGwjpN6EVVLyI2uFNtoFYvYd38CNTD4m7geFKcWeWvFIO LKVvur3vOcVvlPryWySdhiMPmQ4pci5EtqS8IOF5+Of29sWaFy8i7rLuvyQTdII0 CHHYe9sM4YIZAglYvqpNYuCfA5JvLKkCLuSylzIrLUN/Pu1JAY3XC76TXrX8RGlI 2QZfp+tQJBEJVZuAYyJfuqrKjgf0mgy4dq9lV3D9HSO4ZCUWs7hye7vq1Wz2o6+R 57iX3BdnNaIptANifRHxl7i9TdauXKsb1g5sR3CupF7T8yzbQz+RzVsOJTrEYzqx +/pM3zsRNPpi0p0oD/ET8IyXvPjkvRoT4ZhZAsSC1ZJBeHkGKi5wTMSCuQHA1Fnf yS9jKOah0ceg1k26d2AeXOgj05aTzotkYFT6Vw8J09WjMqtDdjAQDKAMxXPUS8QA t0nZXrpYPXsEcBxq2K2o5UDmhzvNV45A0EKf8zE+dOvJij5m9TZmJ1Un9o/5FGQc FvlrxcmxKmWPQv44uz3L =lFsq -----END PGP SIGNATURE-----
