| Release | Version |
|---|---|
| jessie | 1.2.20-2 |
| stretch | 1.2.27-2~deb9u1 |
| buster | 1.2.27-2 |
| bullseye | 1.2.31-1 |
| bookworm | 1.2.37-2 |
| trixie | 1.2.41-1 |
| sid | 1.2.41-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-1000061 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansio ... |
| Bug | Description |
|---|---|
| CVE-2011-1425 | xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in ... |
| CVE-2009-3736 | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as us ... |
| CVE-2009-0217 | The design of the W3C XML Signature Syntax and Processing (XMLDsig) re ... |
| DSA / DLA | Description |
|---|---|
| DSA-2219-1 | xmlsec1 - file overwrite |