Accepted shibboleth-sp2 2.3+dfsg-1 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 11 Nov 2009 14:39:44 -0800
Source: shibboleth-sp2
Binary: libapache2-mod-shib2 libshibsp4 libshibsp-dev libshibsp-doc shibboleth-sp2-schemas
Architecture: source i386 all
Version: 2.3+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
libapache2-mod-shib2 - Federated web single sign-on system (Apache module)
libshibsp-dev - Federated web single sign-on system (development)
libshibsp-doc - Federated web single sign-on system (API docs)
libshibsp4 - Federated web single sign-on system (runtime)
shibboleth-sp2-schemas - Federated web single sign-on system (schemas)
Closes: 555608
Changes:
shibboleth-sp2 (2.3+dfsg-1) unstable; urgency=high
.
[ Russ Allbery ]
* Urgency set to high for security fix.
* New upstream release.
- SECURITY: Partial fix for improper handling of URLs that could be
abused for script injection and other cross-site scripting attacks.
The complete fix also requires newer xmltooling and opensaml2
packages. (Closes: #555608, CVE-2009-3300)
- Avoid shibd crash on dead memcache server.
- Pass the affiliation name to the session initiator.
- Correctly handle a bogus ACS.
- Allow overriding the URL that's passed to the DS.
- Add schema types for new attribute decoders introduced in 2.2.
- Handle success with partial logout in the logout UI code.
- Fix POST data preservation with empty parameters and empty forms.
- Fix SAML 1 specification of attributes in the query plugin.
- Shorten ePTId-type persistent identifiers.
- Use an ID rather than a whole doc reference for generated metadata.
- Fix spelling of scopeDelimiter in the configuration parser, making
the code and documentation match the schema.
* Rename library package for upstream SONAME bump.
* Tighten build and package dependencies on xmltooling and opensaml2 to
require the versions with the security fix.
* Fix watch file for the new version mangling.
* Improve documentation of DAEMON_OPTS in /etc/default/shibd.
* Remove unnecessary patches to upstream files regenerated during the
build from the source package diff.
.
[ Faidon Liambotis ]
* Run make install with NOKEYGEN=1 and stop rm-ing generated
certificates. Fixes FTBFS.
.
[ Ferenc Wagner ]
* Run shibd as non-root.
Checksums-Sha1:
759a0af4d3362c84ba5fe61039d57032b8b83ec6 1636 shibboleth-sp2_2.3+dfsg-1.dsc
a15ac5bf6c65a26e44a8b5be2fc194edc6574067 807364 shibboleth-sp2_2.3+dfsg.orig.tar.gz
dcf8a12d5245ab3c35c2a0a7881e27f5c94c6b11 17637 shibboleth-sp2_2.3+dfsg-1.diff.gz
cd104c7ad311946f36133666c42dae4c9d9089f9 225598 libapache2-mod-shib2_2.3+dfsg-1_i386.deb
0700e3080a2f566ef7860e78c2cea34e1839cf14 951818 libshibsp4_2.3+dfsg-1_i386.deb
eda10a972f35975408e0027d9bab40b852883f88 42964 libshibsp-dev_2.3+dfsg-1_i386.deb
0409cb229a24ab3629bb34d4a7e28c0bed424032 331962 libshibsp-doc_2.3+dfsg-1_all.deb
34777ccd22bfcaa068c6e686bc14141a3b256890 18268 shibboleth-sp2-schemas_2.3+dfsg-1_all.deb
Checksums-Sha256:
72e530cd880560a27c1d6f1ed57eacae54693ac0064fae6674e61133e411cfd7 1636 shibboleth-sp2_2.3+dfsg-1.dsc
5a19c7078dd67d42a97630ea82096bdeb0f09d3a070e67cf7cea9281487e1e88 807364 shibboleth-sp2_2.3+dfsg.orig.tar.gz
865c4fdfa67219225efccf3a907c98778e33f4e55fa27ea52e9f944c569fd47e 17637 shibboleth-sp2_2.3+dfsg-1.diff.gz
e35dc4e7d48d849dd91e102b9971a894d3d08ec401b147abe1ce63cceef11e0e 225598 libapache2-mod-shib2_2.3+dfsg-1_i386.deb
6225d432dfbb5ecd28a92952619896fd5a9a8249253fd00ad0bab209d94369d2 951818 libshibsp4_2.3+dfsg-1_i386.deb
af00b4f99e8edc763b63eab82f5b2c25830d6b908f9d2b1215b5917aca463a07 42964 libshibsp-dev_2.3+dfsg-1_i386.deb
58ad0b6f6df170f3b3602ad9d7cc296e2b962f03cde2be447b57e6ca9b7612fa 331962 libshibsp-doc_2.3+dfsg-1_all.deb
cfb3c93b85e3d930cd8682748765c15e12212afe69d875762a6f6edd4ed5b9ce 18268 shibboleth-sp2-schemas_2.3+dfsg-1_all.deb
Files:
2f88c18d3f409d31ec7483ef3eaca5a7 1636 web extra shibboleth-sp2_2.3+dfsg-1.dsc
6d674cfe5862654ab05831a4a5fc2d2b 807364 web extra shibboleth-sp2_2.3+dfsg.orig.tar.gz
bbf138cb1fb1604452b3ebcbde5ad110 17637 web extra shibboleth-sp2_2.3+dfsg-1.diff.gz
09c2a32811c93e7b97fcaec16f6166d5 225598 httpd extra libapache2-mod-shib2_2.3+dfsg-1_i386.deb
c7315ddf839d59cd17071ce911baef3a 951818 libs extra libshibsp4_2.3+dfsg-1_i386.deb
53869c333d823ff96883f646a2b06e21 42964 libdevel extra libshibsp-dev_2.3+dfsg-1_i386.deb
d6d2b1fbc88bcb026d4d17ba2885c5cd 331962 doc extra libshibsp-doc_2.3+dfsg-1_all.deb
b70882e72d1c158c7a661db696855249 18268 text extra shibboleth-sp2-schemas_2.3+dfsg-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkr7Vs0ACgkQ+YXjQAr8dHaxrACeJ+6wMT/7bQqGfsRIG2gRzZrw
2dgAnRZJ4loHHKJ8zhallh+Lw/98uWp4
=duds
-----END PGP SIGNATURE-----
Accepted:
libapache2-mod-shib2_2.3+dfsg-1_i386.deb
to main/s/shibboleth-sp2/libapache2-mod-shib2_2.3+dfsg-1_i386.deb
libshibsp-dev_2.3+dfsg-1_i386.deb
to main/s/shibboleth-sp2/libshibsp-dev_2.3+dfsg-1_i386.deb
libshibsp-doc_2.3+dfsg-1_all.deb
to main/s/shibboleth-sp2/libshibsp-doc_2.3+dfsg-1_all.deb
libshibsp4_2.3+dfsg-1_i386.deb
to main/s/shibboleth-sp2/libshibsp4_2.3+dfsg-1_i386.deb
shibboleth-sp2-schemas_2.3+dfsg-1_all.deb
to main/s/shibboleth-sp2/shibboleth-sp2-schemas_2.3+dfsg-1_all.deb
shibboleth-sp2_2.3+dfsg-1.diff.gz
to main/s/shibboleth-sp2/shibboleth-sp2_2.3+dfsg-1.diff.gz
shibboleth-sp2_2.3+dfsg-1.dsc
to main/s/shibboleth-sp2/shibboleth-sp2_2.3+dfsg-1.dsc
shibboleth-sp2_2.3+dfsg.orig.tar.gz
to main/s/shibboleth-sp2/shibboleth-sp2_2.3+dfsg.orig.tar.gz
Reply to: