shibboleth-sp 3.0.4+dfsg1-1ubuntu0.1 source package in Ubuntu
Changelog
shibboleth-sp (3.0.4+dfsg1-1ubuntu0.1) focal-security; urgency=high
* SECURITY UPDATE: Fix a phishing vulnerability: Template generation
allows external parameters to override placeholders (LP: #1919419)
- debian/patches/SSPCPP-922-Add-externalParameters-option-to-Errors-
element.patch: Add externalParameters option to Errors element
- https://shibboleth.net/community/advisories/secadv_20210317.txt
- https://issues.shibboleth.net/jira/browse/SSPCPP-922
- CVE-2021-28963
-- Etienne Dysli Metref <email address hidden> Thu, 18 Mar 2021 12:22:53 +0100
Upload details
- Uploaded by:
- Etienne Dysli Metref
- Sponsored by:
- Steve Beattie
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| shibboleth-sp_3.0.4+dfsg1.orig.tar.xz | 614.9 KiB | b327701d111da4b5da370eddc945c382abc378ff9445e1eda9554c0d7e6f1dca |
| shibboleth-sp_3.0.4+dfsg1-1ubuntu0.1.debian.tar.xz | 77.2 KiB | a603547abb4a39a1bb78f6496f885cf97b8d9054560b3e9bf2678eaf4757613f |
| shibboleth-sp_3.0.4+dfsg1-1ubuntu0.1.dsc | 3.0 KiB | 219f19001f39e3cec97d411e9345f9f59c3fdf4476a5579dd7fae61dd5dfa485 |
Available diffs
Binary packages built by this source
- libapache2-mod-shib: Federated web single sign-on system (Apache module)
The Shibboleth System is a standards based software
package for web single sign-on across or within organizational boundaries.
It supports authorization and attribute exchange using the OASIS SAML 2.0
protocol. Shibboleth allows sites to make informed authorization decisions
for individual access of protected online resources while allowing users to
establish their identities with their local authentication systems.
.
This package contains the Shibboleth Apache module for service providers
(web servers providing resources protected by Shibboleth) and the
supporting shibd daemon.
- libapache2-mod-shib-dbgsym: debug symbols for libapache2-mod-shib
- libapache2-mod-shib2: transitional package
This is a transitional package. It can safely be removed.
- libshibsp-dev: Federated web single sign-on system (development)
The Shibboleth System is a standards based software
package for web single sign-on across or within organizational boundaries.
It supports authorization and attribute exchange using the OASIS SAML 2.0
protocol. Shibboleth allows sites to make informed authorization decisions
for individual access of protected online resources while allowing users to
establish their identities with their local authentication systems.
.
This package contains the headers and other necessary files to build
applications that use the Shibboleth SP library.
- libshibsp-doc: Federated web single sign-on system (API docs)
The Shibboleth System is a standards based software
package for web single sign-on across or within organizational boundaries.
It supports authorization and attribute exchange using the OASIS SAML 2.0
protocol. Shibboleth allows sites to make informed authorization decisions
for individual access of protected online resources while allowing users to
establish their identities with their local authentication systems.
.
This package contains the Shibboleth SP library API documentation.
- libshibsp-plugins: Federated web single sign-on system (plugins)
The Shibboleth System is a standards based software
package for web single sign-on across or within organizational boundaries.
It supports authorization and attribute exchange using the OASIS SAML 2.0
protocol. Shibboleth allows sites to make informed authorization decisions
for individual access of protected online resources while allowing users to
establish their identities with their local authentication systems.
.
This package contains plugins for the Shibboleth SP library.
- libshibsp-plugins-dbgsym: debug symbols for libshibsp-plugins
- libshibsp8: Federated web single sign-on system (runtime)
The Shibboleth System is a standards based software
package for web single sign-on across or within organizational boundaries.
It supports authorization and attribute exchange using the OASIS SAML 2.0
protocol. Shibboleth allows sites to make informed authorization decisions
for individual access of protected online resources while allowing users to
establish their identities with their local authentication systems.
.
This package contains the Shibboleth SP runtime library.
- libshibsp8-dbgsym: debug symbols for libshibsp8
- shibboleth-sp-common: Federated web single sign-on system (common files)
The Shibboleth System is a standards based software
package for web single sign-on across or within organizational boundaries.
It supports authorization and attribute exchange using the OASIS SAML 2.0
protocol. Shibboleth allows sites to make informed authorization decisions
for individual access of protected online resources while allowing users to
establish their identities with their local authentication systems.
.
This package contains common files used by the Shibboleth SP library,
Apache module, and daemon, primarily configuration files and schemas.
- shibboleth-sp-utils: Federated web single sign-on system (daemon and utilities)
The Shibboleth System is a standards based software
package for web single sign-on across or within organizational boundaries.
It supports authorization and attribute exchange using the OASIS SAML 2.0
protocol. Shibboleth allows sites to make informed authorization decisions
for individual access of protected online resources while allowing users to
establish their identities with their local authentication systems.
.
This package contains the daemon that handles attribute requests and
maintains session information for the SP. It is used internally by the
Apache module (libapache2-mod-shib2) , but may be useful independently in
some circumstances. It also contains some other useful Shibboleth SP
utility programs and the FastCGI authorizer and responder.
- shibboleth-sp-utils-dbgsym: debug symbols for shibboleth-sp-utils
- shibboleth-sp2-common: transitional package
This is a transitional package. It can safely be removed.
- shibboleth-sp2-utils: transitional package
This is a transitional package. It can safely be removed.
