Accepted shibboleth-sp 1.3.1.dfsg1-3+lenny1~bpo40+1 (source i386)

To: backports-changes@lists.backports.org
Subject: Accepted shibboleth-sp 1.3.1.dfsg1-3+lenny1~bpo40+1 (source i386)
From: Russ Allbery <rra@debian.org>
Date: Tue, 29 Sep 2009 23:32:07 +0200 (CEST)
Message-id: <[🔎] 20090929213207.B1FAD2929BE1A@www.backports.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 29 Sep 2009 13:06:47 -0700
Source: shibboleth-sp
Binary: libapache2-mod-shib libshib6 libshib-dev libshib-target5
Architecture: source i386
Version: 1.3.1.dfsg1-3+lenny1~bpo40+1
Distribution: etch-backports
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description: 
 libapache2-mod-shib - Federated web single sign-on system (Apache module)
 libshib-dev - Federated web single sign-on system (development)
 libshib-target5 - Federated web single sign-on system (target runtime)
 libshib6   - Federated web single sign-on system (runtime)
Changes: 
 shibboleth-sp (1.3.1.dfsg1-3+lenny1~bpo40+1) etch-backports; urgency=low
 .
   * Backport to oldstable.
   * Build against libxerces27-dev instead of libxerces-c2-dev.
   * Build-depend on libxml-security-c-dev 1.4 or later.
 .
 shibboleth-sp (1.3.1.dfsg1-3+lenny1) stable-security; urgency=high
 .
   * SECURITY: Correctly handle decoding of malformed URLs, closing a
     possibly exploitable buffer overflow.
     See <http://shibboleth.internet2.edu/secadv/secadv_20090826.txt>
   * SECURITY: Certificate subject names were incorrectly matched against
     trusted "key names" when they contained nul characters.  This affects
     only Shibboleth deployments relying on the "PKIX" style of trust
     validation, used in the absence of explicit certificate information in
     the SAML metadata provided to the SP and reliance on certificate
     authorities found in the <KeyAuthority> metadata extension element.
     See <http://shibboleth.internet2.edu/secadv/secadv_20090817.txt>
Files: 
 4717f9a891573c6ddd94ff05df849c65 994 web optional shibboleth-sp_1.3.1.dfsg1-3+lenny1~bpo40+1.dsc
 348f5a71f97499d39998c40f1b441d98 30471 web optional shibboleth-sp_1.3.1.dfsg1-3+lenny1~bpo40+1.diff.gz
 6392e93f776442ccaff68b3dc9b429b4 437892 libdevel extra libshib-dev_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
 fa3e4463c7028f0128e086e04ae01054 76596 libs optional libshib6_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
 40b26cf4a3096f35e60121143c03ad9f 201204 libs optional libshib-target5_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
 6481fd9100a2017ff7a733d9e8998a54 3716162 web optional libapache2-mod-shib_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkrCeccACgkQ+YXjQAr8dHYyzwCgz58jNLY8EvsyrvNzP4coJjG7
JTUAoNyogs2Coqb0cZTLWriObgQ2yDKh
=z+tk
-----END PGP SIGNATURE-----


Accepted:
libapache2-mod-shib_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
  to pool/main/s/shibboleth-sp/libapache2-mod-shib_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
libshib-dev_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
  to pool/main/s/shibboleth-sp/libshib-dev_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
libshib-target5_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
  to pool/main/s/shibboleth-sp/libshib-target5_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
libshib6_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
  to pool/main/s/shibboleth-sp/libshib6_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.deb
shibboleth-sp_1.3.1.dfsg1-3+lenny1~bpo40+1.diff.gz
  to pool/main/s/shibboleth-sp/shibboleth-sp_1.3.1.dfsg1-3+lenny1~bpo40+1.diff.gz
shibboleth-sp_1.3.1.dfsg1-3+lenny1~bpo40+1.dsc
  to pool/main/s/shibboleth-sp/shibboleth-sp_1.3.1.dfsg1-3+lenny1~bpo40+1.dsc

Reply to:

Prev by Date: shibboleth-sp_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.changes ACCEPTED
Next by Date: [Backports-queue] Processing of sqlalchemy_0.5.6-1~bpo50+1_amd64.changes
Previous by thread: shibboleth-sp_1.3.1.dfsg1-3+lenny1~bpo40+1_i386.changes ACCEPTED
Next by thread: [Backports-queue] Processing of sqlalchemy_0.5.6-1~bpo50+1_amd64.changes
Index(es):
- Date
- Thread