-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 24 Jul 2017 19:42:04 +0200 Source: gsoap Binary: libgsoap2 gsoap gsoap-doc gsoap-dbg Architecture: source amd64 all Version: 2.8.7-2+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Mattias Ellert <mattias.ellert@fysast.uu.se> Changed-By: Markus Koschany <apo@debian.org> Description: gsoap - Development libraries and stub generators for gSOAP gsoap-dbg - Debugging symbols for gSOAP gsoap-doc - gSOAP documentation libgsoap2 - Runtime libraries for gSOAP Changes: gsoap (2.8.7-2+deb7u1) wheezy-security; urgency=high . * Non maintainer upload by the LTS team. * Fix CVE-2017-9765: A vulnerability was discovered in gsoap, a library for the development of SOAP web services and clients, that may be exposed with a large and specific XML message over 2 GB in size. After receiving this 2 GB message, a buffer overflow can cause an open unsecured server to crash. Clients communicating with HTTPS with trusted servers are not affected. Checksums-Sha1: e8c0406b31668d8ef8c0034e85d96c267d968a12 2230 gsoap_2.8.7-2+deb7u1.dsc 07fbdaa593feac61b2e588020e96715bd38fbebe 10179593 gsoap_2.8.7.orig.tar.gz c2adb33a63aa3da0a6417e0f8b001b851c342fb5 11182 gsoap_2.8.7-2+deb7u1.debian.tar.gz 427482d56f43bf89406100a343cefcbc7663c6ba 533974 libgsoap2_2.8.7-2+deb7u1_amd64.deb e6122d94cee2b61e2d952e6816183f633b0c585e 1395750 gsoap_2.8.7-2+deb7u1_amd64.deb 7500402494bb3b1a9f6496b9336291dcd9f8eeb2 3359004 gsoap-dbg_2.8.7-2+deb7u1_amd64.deb cfc5f8425341f22216eb7289b9f7c1f2d561f750 3870872 gsoap-doc_2.8.7-2+deb7u1_all.deb Checksums-Sha256: 743ff49208bf2a9ab86faf518a25997e7ce2743d39535bb4be0ed8f9cb5e9807 2230 gsoap_2.8.7-2+deb7u1.dsc d24fffcaa2572e89ed0a1adacde704b9a4637264eae8f9a0d83dafbb7a4e4cba 10179593 gsoap_2.8.7.orig.tar.gz 7835503a84a775d94d022e7251f3d23f94db231678bc2a860e7d4b0b451d03f7 11182 gsoap_2.8.7-2+deb7u1.debian.tar.gz 66a244b7996d491d4d37fdb1e052e9b8e4772baa01471d0d8a6f7e801b479a94 533974 libgsoap2_2.8.7-2+deb7u1_amd64.deb 9e542f8cf5a169ab3a741fba06e475ae18ac473cf52fe4e52e6b4755c0d3555b 1395750 gsoap_2.8.7-2+deb7u1_amd64.deb 5bcf517aacb0061a20838637ba72549a67f2b3f0aa7a535afe5fe0d44163bd90 3359004 gsoap-dbg_2.8.7-2+deb7u1_amd64.deb cd33ed48585bf9f9f8d0a15c8053d0c58119cf498fe423e464a227a1ea13acc1 3870872 gsoap-doc_2.8.7-2+deb7u1_all.deb Files: ef72ae56071dda9c035feee17a0d35f9 2230 devel optional gsoap_2.8.7-2+deb7u1.dsc 3ec4ea4196c105330e48af5cfee88996 10179593 devel optional gsoap_2.8.7.orig.tar.gz 6cd45e4689d3c9d80c4940b0f993d17e 11182 devel optional gsoap_2.8.7-2+deb7u1.debian.tar.gz b000fa80f9d35c3376bb2ec70d14f713 533974 libs optional libgsoap2_2.8.7-2+deb7u1_amd64.deb 5800552f0a2e123c27732889c4aaae89 1395750 devel optional gsoap_2.8.7-2+deb7u1_amd64.deb 7ecd51a119ad7ca44dbf878395a11f16 3359004 debug extra gsoap-dbg_2.8.7-2+deb7u1_amd64.deb b5b7ad3775332fc836e7c51916bbfde9 3870872 doc optional gsoap-doc_2.8.7-2+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAll2OcZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkeWMQAKFgeKxfazBMBpHOhGwpxb8by+ee4ra0MBgD 75c66hpcwCbNYF36iKxMEMAS7U858I36C5tqRNnlrjR2e/lw8/6mgr/12MX6e6um 1CG6+L6Hih1QiyKNq9au1AfhUdKeI30RArg/M0X7ik9AAgIOjkWI5xkmKw3RAPkP iNTlmiV8m6ZQxAlIc4yf+86I1dGT/Luhds2QH91Svu7GUwkVgFPwvQLyZ0TvBSu8 9B0pNF2/VBmR8wTmXJ3DKN+KrQgEDs9XpoUWk09mfFk82u/1DoL+EeeqG4tePA0z OVNAP1WkmOuWAHl5kuxufPg3W/S2yxdnFeuGCFSzHvpJu35LySlTrousxUUR7wJA o1OhTYXCkOeTqS1Lko8LhxNk+ftFNd/QmtgAuS/qUQQI2NjOEx3xP7xVSmGcfXmn iQ7CiWUKy0mcy0+HteivfT2r6vzr4+PxRQ9K6tLpENZ/nK/cw1xhpz53Y16SX044 h/YWNlwcg4YZIiqX8Lw3U3shMm7EwUturRdJSs14oYIVnTmr6c7VSfoS+DfRIDUl btLBbJ7FOWsXV6LdJb5rAP1+lTpcJsc5mAcWwbq8A59e0xhW2i6F40XXCcxNTAGp ukbSFKQ8/wiq4uvFlVAiLVf0LxG9D0FsXwtKOGlWcV3L9xkraqbJBoNhRbBFT7NL ASkvY9Tm =mUpE -----END PGP SIGNATURE-----
