2 matches found
GHSA-4V55-CPMV-3VCM CoreWCF: WS-Security Reference DigestMethod Algorithm-Suite Bypass
Impact CoreWCF’s WS-Security 1.0 receive pipeline validates the SignatureMethod of an incoming ds:SignedInfo against the configured SecurityAlgorithmSuite, but does not validate the DigestMethod declared on each ds:Reference. As a result, a sender can populate ds:SignedInfo with SignatureMethod...
Fedora 18 : euca2ools-2.1.3-1.fc18 (2013-3462)
This update adds support for the new signature method introduced in Eucalyptus 3.2.1. It also includes several bugfixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...