[Git][security-tracker-team/security-tracker][master] Track fixes for re-introduced src:shibboleth-sp package

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
51f44fc9 by Salvatore Bonaccorso at 2018-11-25T20:34:36Z
Track fixes for re-introduced src:shibboleth-sp package

The src:shibboleth-sp package was re-introduced in Debian starting with
the 3.0.2+dfsg1-1 version to experimental and later uploaded to
unstable.

Track previous src:shibboleth-sp2 fixes which are now adressed in
src:shibboleth-sp with the first version which landed in unstable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -254668,21 +254668,21 @@ CVE-2009-3476 (Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 ...
 	- xmltooling 1.2.2-1
 	- opensaml 3.0.0-2
 	- opensaml2 2.2.1-1
-	- shibboleth-sp <removed>
+	- shibboleth-sp 3.0.2+dfsg1-2
 	- shibboleth-sp2 2.2.1+dfsg-1
 CVE-2009-3475 (Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and ...)
 	{DSA-1895-2 DSA-1896-1 DSA-1895-1}
 	- xmltooling 1.2.2-1
 	- opensaml 3.0.0-2
 	- opensaml2 2.2.1-1
-	- shibboleth-sp <removed>
+	- shibboleth-sp 3.0.2+dfsg1-2
 	- shibboleth-sp2 2.2.1+dfsg-1
 CVE-2009-3474 (OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by ...)
 	{DSA-1895-2 DSA-1896-1 DSA-1895-1}
 	- xmltooling 1.2.2-1
 	- opensaml 3.0.0-2
 	- opensaml2 2.2.1-1
-	- shibboleth-sp <removed>
+	- shibboleth-sp 3.0.2+dfsg1-2
 	- shibboleth-sp2 2.2.1+dfsg-1
 	[lenny] - opensaml 1.1.1-2+lenny1
 	[lenny] - opensaml2 2.0-2+lenny1
@@ -255122,7 +255122,7 @@ CVE-2009-3301 (Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OO
 CVE-2009-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the Identity ...)
 	{DSA-1947-1}
 	- shibboleth-sp2 2.3+dfsg-1 (medium; bug #555608)
-	- shibboleth-sp <removed> (medium)
+	- shibboleth-sp 3.0.2+dfsg1-2 (medium)
 	- opensaml2 2.3-1 (medium)
 	NOTE: xmltooling also needs to be updated, changed in sid in 1.3.1-1
 CVE-2009-3299 (Cross-site scripting (XSS) vulnerability in the resume blocktype in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/51f44fc9dfd2fc5b22e450329e8ab2412fcfc439

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/51f44fc9dfd2fc5b22e450329e8ab2412fcfc439
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181125/1e66a3f7/attachment.html>