CVE-2009-1885 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1885): Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
cpp: is dev-libs/xerces-c ready to go stable?
Maintainer timeout (huuuuuge one), adding arches. Please stabilize: =dev-libs/xerces-c-3.1.0
amd64 ok
Tested on SPARC, built and installed OK. Could be stabilised.
ppc/ppc64 stable
x86 stable
amd64 done. Thanks Agostino
Stable for HPPA.
sparc, alpha: you claim to be security-supported architectures, please do this security stabilization on time.
+ 25 Feb 2011; Michael Weber <xmw@gentoo.org> xerces-c-3.1.0.ebuild: + Stable sparc wrt bug 308009, thanks Alex Buell.
alpha stable
Thank you. B3-rated vulnerabilities get a GLSA vote.
GLSA Vote: no.
voting no too, and closing.