Ubuntu
shibboleth-sp package

shibboleth-sp 1.3.1.dfsg1-3+lenny1build0.9.04.2 source package in Ubuntu

Changelog

shibboleth-sp (1.3.1.dfsg1-3+lenny1build0.9.04.2) jaunty-security; urgency=low

  * fix FTBFS by backporting fixes from 1.3.1.dfsg1-4:
    - Adjust autoreconf calling method so that Autoconf 2.63 will install
      supporting files.  (Closes: #533931)
    - Remove additional libtool M4 files on debian/rules clean.

shibboleth-sp (1.3.1.dfsg1-3+lenny1build0.9.04.1) jaunty-security; urgency=low

  * fake sync from Debian

shibboleth-sp (1.3.1.dfsg1-3+lenny1) stable-security; urgency=high

  * SECURITY: Correctly handle decoding of malformed URLs, closing a
    possibly exploitable buffer overflow.
    See <http://shibboleth.internet2.edu/secadv/secadv_20090826.txt>
  * SECURITY: Certificate subject names were incorrectly matched against
    trusted "key names" when they contained nul characters.  This affects
    only Shibboleth deployments relying on the "PKIX" style of trust
    validation, used in the absence of explicit certificate information in
    the SAML metadata provided to the SP and reliance on certificate
    authorities found in the <KeyAuthority> metadata extension element.
    See <http://shibboleth.internet2.edu/secadv/secadv_20090817.txt>

 -- Jamie Strandboge <email address hidden>   Tue, 06 Oct 2009 15:42:18 -0500

Upload details

Uploaded by:
Jamie Strandboge
Uploaded to:
Jaunty
Original maintainer:
Debian Shib Team
Architectures:
any
Section:
web
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
shibboleth-sp_1.3.1.dfsg1.orig.tar.gz 743.8 KiB 432ca216381d9461744c4dc044754fed261484824ec6d76da7e5ca4e252d6d20
shibboleth-sp_1.3.1.dfsg1-3+lenny1build0.9.04.2.diff.gz 31.6 KiB 104f056df5c227326735b7ca1d13b8bb7dc2793bbd60a7aade298686c9d4af76
shibboleth-sp_1.3.1.dfsg1-3+lenny1build0.9.04.2.dsc 1.6 KiB 3ecb795f4ec02b001177066237210b5db28315312e8e448e53ccff0f9eb60e99

View changes file

Binary packages built by this source

libapache2-mod-shib: No summary available for libapache2-mod-shib in ubuntu jaunty.

No description available for libapache2-mod-shib in ubuntu jaunty.

libshib-dev: No summary available for libshib-dev in ubuntu jaunty.

No description available for libshib-dev in ubuntu jaunty.

libshib-target5: No summary available for libshib-target5 in ubuntu jaunty.

No description available for libshib-target5 in ubuntu jaunty.

libshib6: No summary available for libshib6 in ubuntu jaunty.

No description available for libshib6 in ubuntu jaunty.