[Git][security-tracker-team/security-tracker][master] CVE-2021-28963 assigned for shibboleth-sp

Salvatore Bonaccorso carnil at debian.org
Mon Mar 22 07:20:25 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8bdc0d9b by Salvatore Bonaccorso at 2021-03-22T08:19:18+01:00
CVE-2021-28963 assigned for shibboleth-sp

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -661,11 +661,9 @@ CVE-2021-28652
 	RESERVED
 CVE-2021-28651
 	RESERVED
-CVE-2021-XXXX [shib service provide phishing]
+CVE-2021-28963 [shib service provide phishing]
 	- shibboleth-sp 3.2.1+dfsg1-1 (bug #985405)
-	[buster] - shibboleth-sp 3.0.4+dfsg1-1+deb10u1
 	- shibboleth-sp2 <removed>
-	[stretch] - shibboleth-sp2 2.6.0+dfsg1-4+deb9u2
 	NOTE: https://shibboleth.net/community/advisories/secadv_20210317.txt
 	NOTE: https://issues.shibboleth.net/jira/browse/SSPCPP-922
 	NOTE: https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=d1dbebfadc1bdb824fea63843c4c38fa69e54379


=====================================
data/DLA/list
=====================================
@@ -10,6 +10,7 @@
 	{CVE-2021-27291}
 	[stretch] - pygments 2.2.0+dfsg-1+deb9u2
 [19 Mar 2021] DLA-2599-1 shibboleth-sp2 - security update
+	{CVE-2021-28963}
 	[stretch] - shibboleth-sp2 2.6.0+dfsg1-4+deb9u2
 [19 Mar 2021] DLA-2598-1 squid3 - security update
 	{CVE-2020-25097}


=====================================
data/DSA/list
=====================================
@@ -1,4 +1,5 @@
 [18 Mar 2021] DSA-4872-1 shibboleth-sp - security update
+	{CVE-2021-28963}
 	[buster] - shibboleth-sp 3.0.4+dfsg1-1+deb10u1
 [16 Mar 2021] DSA-4871-1 tor - security update
 	{CVE-2021-28089 CVE-2021-28090}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bdc0d9bc3c6ccb66c36165ec95b2e27d0f597fe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bdc0d9bc3c6ccb66c36165ec95b2e27d0f597fe
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210322/651b59b7/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list