Bug 16690

Summary: xmltooling new security issue CVE-2015-0851
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Guillaume Rousse <guillomovitch>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: mageia
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/653065/
Whiteboard:
Source RPM: xmltooling-1.5.3-5.mga5.src.rpm CVE:
Status comment:

Description David Walser 2015-09-02 20:24:28 CEST 
+++ This bug was initially created as a clone of Bug #16514 +++

Debian has issued an advisory on July 30:
https://www.debian.org/security/2015/dsa-3321

I patched this in Cauldron, but it didn't build because of a problem with Boost:
http://pkgsubmit.mageia.org/uploads/failure/cauldron/core/release/20150902181626.luigiwalser.valstar.1862/log/xmltooling-1.5.3-6.mga6/build.0.20150902181702.log

Guillaume, please fix this, and make sure that once this fixed package is built and uploaded, that the opensaml package gets rebuilt against it.
David Walser 2015-09-02 20:24:44 CEST

Depends on: 16514 => (none)

Comment 1 Sander Lepik 2015-10-11 18:54:26 CEST 
Dropped from cauldron.

CC: (none) => mageia
Hardware: i586 => All
Version: Cauldron => 5

Comment 2 David Walser 2015-10-14 19:30:28 CEST 
Fixed by dropping from Cauldron.

Status: NEW => RESOLVED
Version: 5 => Cauldron
Resolution: (none) => FIXED