Name | TEMP-0905332-CB57BF |
Description | Default KeyInfo resolver doesn't check for empty element content. |
Source | Automatically generated temporary name. Not for external reference. |
Debian Bugs | 905332 |
Vulnerable and fixed packages
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|
xml-security-c (PTS) | jessie, jessie (lts) | 1.7.2-3+deb8u2 | fixed |
| stretch | 1.7.3-4+deb9u3 | fixed |
| stretch (security), stretch (lts) | 1.7.3-4+deb9u1 | fixed |
| buster | 2.0.2-3 | fixed |
| bullseye | 2.0.2-4 | fixed |
| sid, trixie, bookworm | 2.0.4-2 | fixed |
The information below is based on the following data on fixed versions.
Notes
https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-491
https://shibboleth.net/community/advisories/secadv_20180803.txt