[Git][security-tracker-team/security-tracker][master] Track fixes for CVE-2009-347{4,5,6}/opensaml

Salvatore Bonaccorso carnil at debian.org
Sun Nov 25 20:22:55 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
93279888 by Salvatore Bonaccorso at 2018-11-25T20:22:11Z
Track fixes for CVE-2009-347{4,5,6}/opensaml

The src:opensaml package was re-introduced in Debian starting with the
3.0.0-1 version to experimental and later uploaded to unstable.

As such track the first src:opensaml version in unstable containing
those fixes as the one for the fixed version. While it was named
src:opensaml2 it was fixed in src:opensaml2/2.2.1-1 to unstable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -254666,21 +254666,21 @@ CVE-2009-3477 (The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 be
 CVE-2009-3476 (Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 ...)
 	{DSA-1895-2 DSA-1896-1 DSA-1895-1}
 	- xmltooling 1.2.2-1
-	- opensaml <removed>
+	- opensaml 3.0.0-2
 	- opensaml2 2.2.1-1
 	- shibboleth-sp <removed>
 	- shibboleth-sp2 2.2.1+dfsg-1
 CVE-2009-3475 (Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and ...)
 	{DSA-1895-2 DSA-1896-1 DSA-1895-1}
 	- xmltooling 1.2.2-1
-	- opensaml <removed>
+	- opensaml 3.0.0-2
 	- opensaml2 2.2.1-1
 	- shibboleth-sp <removed>
 	- shibboleth-sp2 2.2.1+dfsg-1
 CVE-2009-3474 (OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by ...)
 	{DSA-1895-2 DSA-1896-1 DSA-1895-1}
 	- xmltooling 1.2.2-1
-	- opensaml <removed>
+	- opensaml 3.0.0-2
 	- opensaml2 2.2.1-1
 	- shibboleth-sp <removed>
 	- shibboleth-sp2 2.2.1+dfsg-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/93279888870a164076d94925a950a1809fe0882f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/93279888870a164076d94925a950a1809fe0882f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181125/922e55cf/attachment.html>

More information about the debian-security-tracker-commits mailing list