internal/cimxml/sax/NodeFactory.java in Standards-Based Linux
Instrumentation for Manageability (SBLIM) Common Information Model (CIM)
Client (aka sblim-cim-client2) before 2.1.12 computes hash values without
restricting the ability to trigger hash collisions predictably, which allows
context-dependent attackers to cause a denial of service (CPU consumption)
via a crafted XML file.
Maintainer(s), please drop the vulnerable version.
+ 23 May 2014; Tom Wijsman <TomWij@gentoo.org> -sblim-cim-client-1.3.5.ebuild,
+ Remove old, for security bug #501194 (CVE-2012-2328).
Maintainer(s), Thank you for cleanup!
No GLSA needed as there are no stable versions.