CVE-2012-2328 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2328): internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML file. Needs cleanup.
Maintainer(s), please drop the vulnerable version.
+ 23 May 2014; Tom Wijsman <TomWij@gentoo.org> -sblim-cim-client-1.3.5.ebuild, + -sblim-cim-client-2.0.5.ebuild: + Remove old, for security bug #501194 (CVE-2012-2328). Done.
Maintainer(s), Thank you for cleanup! No GLSA needed as there are no stable versions.