Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 277875

Summary: [sunrise overlay] dev-libs/xml-security-c XML signature HMAC truncation authentication bypass (CVE-2009-0217)
Product: Gentoo Linux Reporter: Robert Buchholz (RETIRED) <rbu>
Component: New packagesAssignee: Thomas Beierlein <tomjbe>
Status: RESOLVED FIXED    
Severity: normal CC: sunrise
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://svn.apache.org/viewvc?view=rev&revision=794013
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 277872    
Bug Blocks: 89076    

Description Robert Buchholz (RETIRED) gentoo-dev 2009-07-15 00:52:36 UTC 
+++ This bug was initially created as a clone of Bug #277872 +++

Please see the blocker for vulnerability details.

Patch: http://svn.apache.org/viewvc?view=rev&revision=794017

Note that since the ebuild is in an overlay, the Security Team will not be tracking this issue via our usual procedures. This is a regular sunrise herd bug.
Comment 1 Thomas Beierlein gentoo-dev 2009-07-16 06:06:22 UTC 
Fixed. Thanks for reporting.