[SCM] Debian packaging for OpenSAML 2.0 annotated tag, debian/2.3-1, created. debian/2.3-1

Russ Allbery rra at debian.org
Sun Dec 6 21:24:47 UTC 2009 

The annotated tag, debian/2.3-1 has been created
        at  067902767485178207f33bf8297eabbb139cb7b3 (tag)
   tagging  93261d88593b2ffa6b5283d1788f8fca9c244dfb (commit)
  replaces  debian/2.2.1-1
 tagged by  Russ Allbery
        on  Tue Nov 10 10:39:29 2009 -0800

- Shortlog ------------------------------------------------------------
Debian release 2.3-1

Format: 1.8
Date: Fri, 06 Nov 2009 15:09:04 -0800
Source: opensaml2
Binary: libsaml6 libsaml2-dev opensaml2-tools opensaml2-schemas libsaml2-doc
Architecture: source i386 all
Version: 2.3-1
Distribution: unstable
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Changed-By: Russ Allbery <rra at debian.org>
Description:
 libsaml2-dev - Security Assertion Markup Language library (development)
 libsaml2-doc - Security Assertion Markup Language library (API docs)
 libsaml6   - Security Assertion Markup Language library (runtime)
 opensaml2-schemas - Security Assertion Markup Language library (XML schemas)
 opensaml2-tools - Security Assertion Markup Language command-line tools
Changes:
 opensaml2 (2.3-1) unstable; urgency=high
 .
   * Urgency set to high for security fix.
   * New upstream release.
     - SECURITY: Partial fix for improper handling of URLs that could be
       abused for script injection and other cross-site scripting attacks.
       The complete fix also requires newer xmltooling and shibboleth-sp2
       packages.  (CVE-2009-3300)
     - Fix crash on assertions with missing SubjectConfirmation.
     - Remove inline functions except for templates or RAII patterns.
     - Remove xml from the inclusive prefix list to avoid bugs in Apache
       Java xmlsec.
     - Honor digest algorithm in whole document signing with empty URI.
   * Rename library package for upstream SONAME bump.
   * Build-depend on libxmltooling-dev 1.3 or later and make libsaml2-dev
     depend on libxmltooling-dev 1.3 or later for the fixes for URL
     sanitization.
   * Build-depend on libxml-security-c-dev 1.5 or later to ensure
     that all builds are consistent.
Checksums-Sha1:
 683fc5326924613b0740ba69f78f02eb05b06eb0 1444 opensaml2_2.3-1.dsc
 d5b29a25a26a85957379279280b0f530146ec185 926057 opensaml2_2.3.orig.tar.gz
 a6d5128cf0d8e6fa9e32736af794059d682887e0 7369 opensaml2_2.3-1.diff.gz
 920c448d41521412a700feb22f090c295375c409 1204852 libsaml6_2.3-1_i386.deb
 aed66cdfbaafcc044a578cedc30fe7fc5ff70b20 47456 libsaml2-dev_2.3-1_i386.deb
 1a7500721bf927ee9e67e3f8fabd60cfeed93594 25092 opensaml2-tools_2.3-1_i386.deb
 9df5bdd48f7262d93abf688d6e0aa495a11bdf44 27822 opensaml2-schemas_2.3-1_all.deb
 df24ea17dcbb2f802e136e7af24dc17a79d052c7 421974 libsaml2-doc_2.3-1_all.deb
Checksums-Sha256:
 4109a98feb891f28db8fd3fe70d94f30e865b27c6bd73d76fbc908407b4561c7 1444 opensaml2_2.3-1.dsc
 027b3b9a6f5c147dd434d52e674ca238672412595dfa18675a70bafc5495e2fd 926057 opensaml2_2.3.orig.tar.gz
 3566007f689f9bf6aea2897166fc92998715197b9e7a61d55a40a4d04deff89c 7369 opensaml2_2.3-1.diff.gz
 d47d2d53f3949405b497cb4bc392ef10fcab1f413e1680571ad3018f1f576175 1204852 libsaml6_2.3-1_i386.deb
 079999da97ccbdcc230f8e31277df61cdb62f9299848f00aadeb456c7704540b 47456 libsaml2-dev_2.3-1_i386.deb
 df189368250b95cb85c8af8fda122cd69ec27f4e7471ba880764118a9dcc23f7 25092 opensaml2-tools_2.3-1_i386.deb
 1ef7c76b70fbd57068ad6bd63e4e49db1db79636f44e440147f6776c1457f7bd 27822 opensaml2-schemas_2.3-1_all.deb
 fe6347a873320640608592005e746ec026a030bb19a4843f8c964fc3e929af4f 421974 libsaml2-doc_2.3-1_all.deb
Files:
 6001f08d173376d0601ef58031ffe068 1444 libs extra opensaml2_2.3-1.dsc
 9695d40cb28519c2cde8211cd1c3dc69 926057 libs extra opensaml2_2.3.orig.tar.gz
 3247ba2b6dfdeafe970828855afa4a75 7369 libs extra opensaml2_2.3-1.diff.gz
 4c762995e7c332852592b34768125f40 1204852 libs extra libsaml6_2.3-1_i386.deb
 44746d3bd0872916b557092f8e319417 47456 libdevel extra libsaml2-dev_2.3-1_i386.deb
 d4070c52ee88372def335281c46f260a 25092 text extra opensaml2-tools_2.3-1_i386.deb
 4b1051249d950993a8cdf024487e5e35 27822 text extra opensaml2-schemas_2.3-1_all.deb
 791bad621a17f7e663e3dc836bf189d4 421974 doc extra libsaml2-doc_2.3-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEABECAAYFAkr5s28ACgkQ+YXjQAr8dHbJZwCdFXtMdWpTYOPZE+xqQWZmOcK9
6QwAn0rX+OHEuHcm7v9wq/5Vcjm2zrAr
=wmYg
-----END PGP SIGNATURE-----

Russ Allbery (7):
      Imported Upstream version 2.3
      Merge commit 'upstream/2.3'
      Merge branch 'upstream' into debian
      Add initial changelog for 2.3-1
      Rename library package for upstream SONAME bump
      Fix interpackage dependencies
      Merge branch 'debian'

-----------------------------------------------------------------------

-- 
Debian packaging for OpenSAML 2.0

More information about the Pkg-shibboleth-devel mailing list