Comment 6 for bug 1190491

This bug was fixed in the package libopenid-ruby - 2.1.8debian-1ubuntu0.1

---------------
libopenid-ruby (2.1.8debian-1ubuntu0.1) precise-security; urgency=low

  * SECURITY UPDATE: XML denial of service attack (LP: #1190491)
    - debian/patches/02_CVE_2013_1812.patch: lib/openid/fetchers.rb,
      lib/openid/yadis/xrds.rb: limit fetching file size & disable XML entity
      expansion. Based on upstream patch.
    - CVE-2013-1812
 -- Christian Kuersteiner <email address hidden> Mon, 24 Jun 2013 10:04:38 +0700