Changelog
xml-security-c (1.6.1-1) unstable; urgency=high
* Urgency high for security fix. * New upstream release. - DSIGObject::load method crashes for ds:Object without Id attribute - Buffer overflow when signing or verifying files with big asymmetric keys (Closes: #632973, CVE-2011-2516) - Memory bug inside XENCCipherImpl::deSerialise - Function cleanURIEscapes always throws XSECException, when any escape sequence occurs - Function isHexDigit doesn't recognize invalid escape sequences - Percent-encoded multibyte (UTF-8) sequences unrecognized - RSA-OAEP handler only allows SHA-1 digests * Update debian/watch for the new organization of Apache downloads. -- Russ Allbery <email address hidden> Thu, 07 Jul 2011 09:10:33 -0700