Accepted shibboleth-sp 1.3f.dfsg1-2+etch1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 24 Sep 2009 21:11:52 -0700
Source: shibboleth-sp
Binary: libapache2-mod-shib libshib6 libshib-dev libshib-target5
Architecture: source i386
Version: 1.3f.dfsg1-2+etch1
Distribution: oldstable-security
Urgency: high
Maintainer: Quanah Gibson-Mount <quanah@stanford.edu>
Changed-By: Russ Allbery <rra@debian.org>
Description:
libapache2-mod-shib - Shibboleth implements the OASIS SAML v1.1 specification,
libshib-dev - Shibboleth federated authorization system (development)
libshib-target5 - Shibboleth implements the OASIS SAML v1.1 specification,
libshib6 - Shibboleth federated authorization system (development)
Changes:
 shibboleth-sp (1.3f.dfsg1-2+etch1) oldstable-security; urgency=high
 .
   * SECURITY: Correctly handle decoding of malformed URLs, closing a
     possibly exploitable buffer overflow.
     See <http://shibboleth.internet2.edu/secadv/secadv_20090826.txt>
   * SECURITY: Certificate subject names were incorrectly matched against
     trusted "key names" when they contained nul characters. This affects
     only Shibboleth deployments relying on the "PKIX" style of trust
     validation, used in the absence of explicit certificate information in
     the SAML metadata provided to the SP and reliance on certificate
     authorities found in the <KeyAuthority> metadata extension element.
     See <http://shibboleth.internet2.edu/secadv/secadv_20090817.txt>
Files:
dc51ee8bc956d49960ec5c9566cba5c4 956 web optional shibboleth-sp_1.3f.dfsg1-2+etch1.dsc
7aba8f84ff20013dea55a4a34306791a 731365 web optional shibboleth-sp_1.3f.dfsg1.orig.tar.gz
3bd951730a7e805ef8b436f785f3cd0f 33253 web optional shibboleth-sp_1.3f.dfsg1-2+etch1.diff.gz
27fff2e9abffa2b6529ff76a6dc11b27 432572 libdevel extra libshib-dev_1.3f.dfsg1-2+etch1_i386.deb
6c34f34e98ae20f0a420060066a34e03 76496 libs optional libshib6_1.3f.dfsg1-2+etch1_i386.deb
0b5a97fd1caaa56b0384a1a069ce158d 200024 libs optional libshib-target5_1.3f.dfsg1-2+etch1_i386.deb
598dac6ecb406b14898e5fc96704d179 3712852 web optional libapache2-mod-shib_1.3f.dfsg1-2+etch1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkq+nfQACgkQ+YXjQAr8dHZjsQCgliItITUudVklxnMQYTi7kMCO
Ze0An1pJmSDsFF4S/lkC5of7yBNnUXQX
=hMA0
-----END PGP SIGNATURE-----
Accepted:
libapache2-mod-shib_1.3f.dfsg1-2+etch1_i386.deb
to pool/main/s/shibboleth-sp/libapache2-mod-shib_1.3f.dfsg1-2+etch1_i386.deb
libshib-dev_1.3f.dfsg1-2+etch1_i386.deb
to pool/main/s/shibboleth-sp/libshib-dev_1.3f.dfsg1-2+etch1_i386.deb
libshib-target5_1.3f.dfsg1-2+etch1_i386.deb
to pool/main/s/shibboleth-sp/libshib-target5_1.3f.dfsg1-2+etch1_i386.deb
libshib6_1.3f.dfsg1-2+etch1_i386.deb
to pool/main/s/shibboleth-sp/libshib6_1.3f.dfsg1-2+etch1_i386.deb
shibboleth-sp_1.3f.dfsg1-2+etch1.diff.gz
to pool/main/s/shibboleth-sp/shibboleth-sp_1.3f.dfsg1-2+etch1.diff.gz
shibboleth-sp_1.3f.dfsg1-2+etch1.dsc
to pool/main/s/shibboleth-sp/shibboleth-sp_1.3f.dfsg1-2+etch1.dsc