A flaw was found in xml-security-c. A null pointer dereference which results in a remote Denial of Service attack (shibd crash) in the Shibboleth SP stack. References: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905332 https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-491
Created xml-security-c tracking bugs for this issue: Affects: epel-all [bug 1612390] Affects: fedora-all [bug 1612389]
*** Bug 1614632 has been marked as a duplicate of this bug. ***
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.