[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted opensaml2 2.4.3-1~bpo60+1 (source i386 all)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 02 Nov 2011 17:37:00 -0700
Source: opensaml2
Binary: libsaml7 libsaml2-dev opensaml2-tools opensaml2-schemas libsaml2-doc
Architecture: source i386 all
Version: 2.4.3-1~bpo60+1
Distribution: squeeze-backports
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description: 
 libsaml2-dev - Security Assertion Markup Language library (development)
 libsaml2-doc - Security Assertion Markup Language library (API docs)
 libsaml7   - Security Assertion Markup Language library (runtime)
 opensaml2-schemas - Security Assertion Markup Language library (XML schemas)
 opensaml2-tools - Security Assertion Markup Language command-line tools
Changes: 
 opensaml2 (2.4.3-1~bpo60+1) squeeze-backports; urgency=high
 .
   * Backport to stable.
   * Make removal of the Doxygen-installed jquery.js file conditional on
     its existence, since some versions of Doxygen don't install it.
 .
 opensaml2 (2.4.3-1) unstable; urgency=high
 .
   * Set urgency to high for security fix.
   * New upstream release.
     - SECURITY: Fix vulnerability to a "wrapping attack" that could allow
       a remote, unauthenticated attacker to craft messages that can be
       successfully verified but contain arbitrary content.  This may allow
       an attacker to subvert the security of software using OpenSAML and
       supply an unauthenticated login identity and data under the guise of
       a trusted issuer.  (CVE-2011-1411)
     - Fix unmarshalling of RespondWith element
     - Make library init routines idempotent
   * Update the Debian-provided samlsign.1 man page for new flags supported
     by the upstream utility.
   * Update debian/watch for the new upstream distribution location.
   * Update standards version to 3.9.2 (no changes required).
 .
 opensaml2 (2.4.1-1) unstable; urgency=low
 .
   * New upstream release.
     - Don't download remote metadata if it hasn't changed
     - Verify that fetched metadata is valid, even after filters, before
       overwriting the previous metadata.  Improve metadata downloads.
     - Logging improvements for OpenSAML.MetadataProvider.XML
     - Add keywords/tags element to UIInfo extension and disco feed
     - Fix overuse of InclusivePrefixes list when signing
     - Do not use cacheDuration for validity
     - Fix memory leaks
     - Fix crash when encrypting unmarshalled object
     - Resolve sibling EncryptedKey element for decryption
     - Add xml prefix on newly-created xml:lang attributes
     - Duplication and line feed fixes for DiscoFeed.
     - Fix reload interval backoff after reload failures
     - Strip whitespace from SAMLRequest URL parameter values
   * Change package names for the upstream SONAME change.
   * Install the new upstream pkg-config file in libsaml2-dev.
   * Build-depend on xmltooling 1.4 or later.
   * Force build dependency on xml-security-c 1.6 or later for consistent
     build results.
   * Add build dependency on pkg-config, which upstream now uses to find
     the SSL libraries.
   * Add build dependency on graphviz for better API documentation.
   * Replace the version of jQuery installed by Doxygen in the
     documentation package with a symlink to the version supplied by the
     Debian package and add a dependency.
   * Update to debhelper compatibility level V8.
     - Use the autotools-dev debhelper module for config.{sub,guess}.
     - Use debhelper rule minimization.
   * Update debian/copyright to the current DEP-5 specification.
   * Change to Debian source format 3.0 (quilt).  Force a single Debian
     patch for simplicity since the packaging is maintained in Git using
     branches, and include a patch header explaining why.
   * Update standards version to 3.9.1 (no changes required).
Checksums-Sha1: 
 fcf468150121dab2451a9903c595367a4a15cc60 1849 opensaml2_2.4.3-1~bpo60+1.dsc
 1835d1815a1937499a21bcaad09ce2a668e3d793 871693 opensaml2_2.4.3.orig.tar.gz
 81c4c7cc829f619341cfc88bfd02802b8f99e404 8522 opensaml2_2.4.3-1~bpo60+1.debian.tar.gz
 947f638faf1a6222cc8704d502afb9b86ff5d9ec 1290624 libsaml7_2.4.3-1~bpo60+1_i386.deb
 022e7b521edd9f094a09117eef0f6bde9b4b5365 51278 libsaml2-dev_2.4.3-1~bpo60+1_i386.deb
 ea17a59b2cc5cf6c8635db12706c19b9c84e5973 28120 opensaml2-tools_2.4.3-1~bpo60+1_i386.deb
 26515f6bff5b8100b5902e5f162ca23a2d1c2375 30570 opensaml2-schemas_2.4.3-1~bpo60+1_all.deb
 e00415045b499182fa413608f9f00f9c2cf71e8c 2458256 libsaml2-doc_2.4.3-1~bpo60+1_all.deb
Checksums-Sha256: 
 0938a1b9b6533f614283c8583ffb48e3a0ed645a9924dd87dd63bbeff9b926de 1849 opensaml2_2.4.3-1~bpo60+1.dsc
 850187c7dd664f9216a387bcc9e08f36643f04ddc08d11551e33a46dd15d2539 871693 opensaml2_2.4.3.orig.tar.gz
 fa9d69a5a2d92e1dbd20d37b812ca16ce5cb73e5087d255f711c09feecbda0ff 8522 opensaml2_2.4.3-1~bpo60+1.debian.tar.gz
 8f72ba0e56034582db8faf49408b25ac94a7836c0861d7aa0c1bd6c85f7fa167 1290624 libsaml7_2.4.3-1~bpo60+1_i386.deb
 633c6b5d9c3e6a4dde403181dac92fe31c4413d180db19d539428527b49f9cac 51278 libsaml2-dev_2.4.3-1~bpo60+1_i386.deb
 7643e5272f7f9abdc658890bea826dd22b979857d264b385f030c43f7c554778 28120 opensaml2-tools_2.4.3-1~bpo60+1_i386.deb
 67dc86fc3f9ec8570e71c9a2003746c5fa2c4a9019801abb44584183d88eaecb 30570 opensaml2-schemas_2.4.3-1~bpo60+1_all.deb
 3b6c40722e0130f753b8ac7173550925744f348d56c79df0e4b284e773ff709a 2458256 libsaml2-doc_2.4.3-1~bpo60+1_all.deb
Files: 
 4de5395df959dc3bd9555dc385cdedc4 1849 libs extra opensaml2_2.4.3-1~bpo60+1.dsc
 368361d56992afafbc6f8190a77ffd53 871693 libs extra opensaml2_2.4.3.orig.tar.gz
 92e9d7e4b63e17e9d2820ad18142929b 8522 libs extra opensaml2_2.4.3-1~bpo60+1.debian.tar.gz
 282c77394946a94ddeb915df7d2859e0 1290624 libs extra libsaml7_2.4.3-1~bpo60+1_i386.deb
 c078e2c092072e5513809b2574cc2e02 51278 libdevel extra libsaml2-dev_2.4.3-1~bpo60+1_i386.deb
 9caaa3e5a8d17d02b468a32b7eec6483 28120 text extra opensaml2-tools_2.4.3-1~bpo60+1_i386.deb
 1a95fa6ab1084d86d1006106030a52de 30570 text extra opensaml2-schemas_2.4.3-1~bpo60+1_all.deb
 a020f4ee0c28b75bbc281248cc34842f 2458256 doc extra libsaml2-doc_2.4.3-1~bpo60+1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBCAAGBQJOsfUxAAoJEH2AMVxXNt51bz4H/RfJ/nmjBz3OahRMcmR3LbAk
p7RDgsF5qByMk2DcP3SZV2YYtCYXB/puiRmMIogv4aA3VGDCmHWlzWLFGP58kxsT
TrP7/K3k9YJVpibXzMnPyYKow99YxgoM9AusdpScxriry+fXCTYMLoHLU6/EDxs3
iTFuzHVYbB7xciZu7yvN0ddrjOGOGmmxm5KV0IlYDZfL2ug5+fxqx5wTJ1xkciRl
5gIJ9zHBjR2RGHTA+W8YShdPKYlaipBQMplGGVg/Bvf6UmAwoPz6XPRUGC9eGzI9
E0dUdJGFqTFDObR1kcHwiHOS2xhjh5sf7KNhPgGQVMZ/dfO+ox3hkDBCqTHZiW8=
=eD4q
-----END PGP SIGNATURE-----


Accepted:
libsaml2-dev_2.4.3-1~bpo60+1_i386.deb
  to main/o/opensaml2/libsaml2-dev_2.4.3-1~bpo60+1_i386.deb
libsaml2-doc_2.4.3-1~bpo60+1_all.deb
  to main/o/opensaml2/libsaml2-doc_2.4.3-1~bpo60+1_all.deb
libsaml7_2.4.3-1~bpo60+1_i386.deb
  to main/o/opensaml2/libsaml7_2.4.3-1~bpo60+1_i386.deb
opensaml2-schemas_2.4.3-1~bpo60+1_all.deb
  to main/o/opensaml2/opensaml2-schemas_2.4.3-1~bpo60+1_all.deb
opensaml2-tools_2.4.3-1~bpo60+1_i386.deb
  to main/o/opensaml2/opensaml2-tools_2.4.3-1~bpo60+1_i386.deb
opensaml2_2.4.3-1~bpo60+1.debian.tar.gz
  to main/o/opensaml2/opensaml2_2.4.3-1~bpo60+1.debian.tar.gz
opensaml2_2.4.3-1~bpo60+1.dsc
  to main/o/opensaml2/opensaml2_2.4.3-1~bpo60+1.dsc
opensaml2_2.4.3.orig.tar.gz
  to main/o/opensaml2/opensaml2_2.4.3.orig.tar.gz
Reply to: