Accepted simplesamlphp 1.9.2-1+deb7u1 (source all) into oldoldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted simplesamlphp 1.9.2-1+deb7u1 (source all) into oldoldstable
From: Raphaël Hertzog <hertzog@debian.org>
Date: Tue, 12 Dec 2017 10:00:16 +0000
Message-id: <[🔎] E1eOhMG-0002Fg-OH@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 30 Nov 2017 15:07:03 +0100
Source: simplesamlphp
Binary: simplesamlphp
Architecture: source all
Version: 1.9.2-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Thijs Kinkhorst <thijs@debian.org>
Changed-By: Raphaël Hertzog <hertzog@debian.org>
Description:
 simplesamlphp - Authentication and federation application supporting several prot
Changes:
 simplesamlphp (1.9.2-1+deb7u1) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the Debian LTS Team.
   * Fix CVE-2017-12867: Invalid token creation and validation
   * Fix CVE-2017-12869: Authentication context bypass in the multiauth module
   * Fix CVE-2017-12872: Multiple timing side-channel issues
     (use the patch fixed for CVE-2017-12868 too)
   * Fix CVE-2017-12873: Incorrect persistent NameID generation
   * Fix CVE-2017-12874: incorrect signature verification
Checksums-Sha1:
 06c4a16c7892c37cab703df4307f65fadd74d7d8 1626 simplesamlphp_1.9.2-1+deb7u1.dsc
 583b94aa5e928505cd43dd0997203e9a737ba12b 1661954 simplesamlphp_1.9.2.orig.tar.gz
 2b0a54820b4e7aca0eb410ea3ed5f81814d66206 11505 simplesamlphp_1.9.2-1+deb7u1.debian.tar.gz
 813e3fa6adbb15c616bbb4ed547a1e7a2a6c33a3 1600740 simplesamlphp_1.9.2-1+deb7u1_all.deb
Checksums-Sha256:
 4125e94842fd32688e5d401ab4cc69bbc3550547498399d8879665cc5a6ef929 1626 simplesamlphp_1.9.2-1+deb7u1.dsc
 d0f5b254f4327e2e4b81820eb1939844e0165d0c070353e799eb2eb05a40d6dc 1661954 simplesamlphp_1.9.2.orig.tar.gz
 1c139a007f2e5c20379acf8ade632a9545b6df485b9ae502cfd80df60a83daa7 11505 simplesamlphp_1.9.2-1+deb7u1.debian.tar.gz
 0e9ef2865c6718915272fddc02c8941c52588748ac517a73f63f1433d4f50125 1600740 simplesamlphp_1.9.2-1+deb7u1_all.deb
Files:
 c288662d40be9fb033d483a818517923 1626 web extra simplesamlphp_1.9.2-1+deb7u1.dsc
 c5c31445e354c025860347fefc7199f5 1661954 web extra simplesamlphp_1.9.2.orig.tar.gz
 63a92401a4906506cf8f07ced309eaa3 11505 web extra simplesamlphp_1.9.2-1+deb7u1.debian.tar.gz
 8b9bd0070cf81ac0845213f03d44b674 1600740 web extra simplesamlphp_1.9.2-1+deb7u1_all.deb

-----BEGIN PGP SIGNATURE-----
Comment: Signed by Raphael Hertzog

iQEzBAEBCgAdFiEE1823g1EQnhJ1LsbSA4gdq+vCmrkFAlovpMUACgkQA4gdq+vC
mrknNAf/eNvP0j090NS/6qV2T3SWY/+IOMlWyR2Xzvn24icM+5WOLFQ0VF28xYKT
qEuyldZoChswv5maUsLzB/20OFq2f4avLsCnFCeUE4AIhAnul7KkuYK41kSTc1rF
7DeJRLJJCKb3cAEY8b6f5E9FWqPAfEhRzlTxC3iGqBqq5pLEBA6Ft23aCzL/q/Py
6j0dfs6I/CwlxX6aL3x40SPYEyzxBDhUWhzAKBDapxWX/Iu20Hjgl8bk68lhqWqG
2wqSR/uC9SodB1oYQPYpmW+jz8Ki0hCXjw85shGj+rON3Ka0jz3u5gq19+liNBM2
mUMltpJYeM9IcuyEODVaCz04W/Wz1g==
=8BCO
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted evince 3.4.0-3.1+deb7u2 (source all amd64) into oldoldstable
Next by Date: Accepted xrdp 0.5.0-2+deb7u3 (source amd64) into oldoldstable
Previous by thread: Accepted evince 3.4.0-3.1+deb7u2 (source all amd64) into oldoldstable
Next by thread: Accepted xrdp 0.5.0-2+deb7u3 (source amd64) into oldoldstable
Index(es):
- Date
- Thread