Format: 1.8
Date: Sun, 14 Sep 2025 22:35:18 +0200
Source: shibboleth-sp
Architecture: source
Version: 3.2.2+dfsg1-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@alioth-lists.debian.net>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1114506
Changes:
 shibboleth-sp (3.2.2+dfsg1-1+deb11u1) bullseye-security; urgency=high
 .
   * New patch: SSPCPP-1014 - Extend escaping in strings.
     Fix SQL injection vulnerability in Service Provider ODBC plugin:
     specially crafted inputs can exfiltrate information stored in the
     database used by the SP. The vulnerability is moderate to high
     severity for anyone using the ODBC plugin, and of no impact for
     others. Thanks to Scott Cantor (Closes: #1114506, CVE-2025-9943)