[SCM] Debian packaging for the 2.0 Apache Shibboleth SP annotated tag, debian/2.0.dfsg1-4+lenny2, created. debian/2.0.dfsg1-4+lenny2
Russ Allbery
rra at debian.org
Sun Dec 6 21:25:03 UTC 2009
The annotated tag, debian/2.0.dfsg1-4+lenny2 has been created
at 59bf9fa0332ccfa250576acafc701e9ab3eab5a9 (tag)
tagging dce164a814894faa10231b05c5ef40326aea3a0e (commit)
replaces debian/2.0.dfsg1-4+lenny1
tagged by Russ Allbery
on Sun Dec 6 13:23:34 2009 -0800
- Shortlog ------------------------------------------------------------
Debian release 2.0.dfsg1-4+lenny2
Format: 1.8
Date: Tue, 24 Nov 2009 16:02:12 +0100
Source: shibboleth-sp2
Binary: libapache2-mod-shib2 libshibsp1 libshibsp-dev libshibsp-doc shibboleth-sp2-schemas
Architecture: source i386 all
Version: 2.0.dfsg1-4+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Changed-By: Ferenc Wagner <wferi at niif.hu>
Description:
libapache2-mod-shib2 - Federated web single sign-on system (Apache module)
libshibsp-dev - Federated web single sign-on system (development)
libshibsp-doc - Federated web single sign-on system (API docs)
libshibsp1 - Federated web single sign-on system (runtime)
shibboleth-sp2-schemas - Federated web single sign-on system (schemas)
Closes: 555608
Changes:
shibboleth-sp2 (2.0.dfsg1-4+lenny2) stable-security; urgency=high
.
* SECURITY: Partial fix for improper handling of URLs that could be
abused for script injection and other cross-site scripting attacks.
The complete fix also requires a newer opensaml2 package.
(Closes: #555608, CVE-2009-3300)
Checksums-Sha1:
c77f4ca965aaf84f9caa041be19dee90a1793017 1672 shibboleth-sp2_2.0.dfsg1-4+lenny2.dsc
dad477d1ffb355e1ac1369bcf7db71191934e522 17174 shibboleth-sp2_2.0.dfsg1-4+lenny2.diff.gz
6157a3ac29a690e2f101b0c12a10529e288e16ff 220864 libapache2-mod-shib2_2.0.dfsg1-4+lenny2_i386.deb
113729fbcf810d73f5d7753d4271edcdc7327044 830196 libshibsp1_2.0.dfsg1-4+lenny2_i386.deb
64bc8e4cb5e28c7b9c27c653610f89bc95348842 39896 libshibsp-dev_2.0.dfsg1-4+lenny2_i386.deb
04a3b0e61d42a907d1d6e88e3bb1861d8ce1267d 258520 libshibsp-doc_2.0.dfsg1-4+lenny2_all.deb
b40193580e293f55615725842ad7b82161da1a3d 15434 shibboleth-sp2-schemas_2.0.dfsg1-4+lenny2_all.deb
Checksums-Sha256:
6edb0f338c28b192460cc8cec1f9f7d82f8a4a52cf255b9b11a58b73595bf06c 1672 shibboleth-sp2_2.0.dfsg1-4+lenny2.dsc
384e32555b4b6f4d34b3f41c926695a820693b8830c8d5ab7723c4bf6ab8d46d 17174 shibboleth-sp2_2.0.dfsg1-4+lenny2.diff.gz
1b9c50e7ad0dfb0aec5a581a94e5d2432a1c3ce335f6ecd575f6054ebd76dcc9 220864 libapache2-mod-shib2_2.0.dfsg1-4+lenny2_i386.deb
421565214eb1c4a5f559435e6c64f3967799b649c741544fd4958d675d2736f8 830196 libshibsp1_2.0.dfsg1-4+lenny2_i386.deb
789042c0627075c7420066e3c7d5418b9e12052282e2557ea68e36430f391892 39896 libshibsp-dev_2.0.dfsg1-4+lenny2_i386.deb
abdf8e5c973a8a1a4e6123f57a6b55bd5dd0f866fbbaab6786ffdf870dcd8c35 258520 libshibsp-doc_2.0.dfsg1-4+lenny2_all.deb
5279cdb700033339ad6a36d635016efe6b541d088d1966e21d45376ea2288a75 15434 shibboleth-sp2-schemas_2.0.dfsg1-4+lenny2_all.deb
Files:
7cef2a57583d84e46a214475c4a25393 1672 web extra shibboleth-sp2_2.0.dfsg1-4+lenny2.dsc
b9b0333f56c573d4a7f9bf608cbc4a89 17174 web extra shibboleth-sp2_2.0.dfsg1-4+lenny2.diff.gz
e29f350428d1b68225d7c8ba7cd3a1ae 220864 web extra libapache2-mod-shib2_2.0.dfsg1-4+lenny2_i386.deb
69baa4d5223c2de49c11efb1f5221a60 830196 libs extra libshibsp1_2.0.dfsg1-4+lenny2_i386.deb
92ee9791f3230e4ea0af774d21f94168 39896 libdevel extra libshibsp-dev_2.0.dfsg1-4+lenny2_i386.deb
39b8bdad69f6bfa31730c459da5b575c 258520 doc extra libshibsp-doc_2.0.dfsg1-4+lenny2_all.deb
4f601fe9b3886b22316a141e01e707a6 15434 text extra shibboleth-sp2-schemas_2.0.dfsg1-4+lenny2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEABECAAYFAkscIOoACgkQ+YXjQAr8dHay2QCfbNmSi8+/Nsl6nVXadIZeDqeg
ws0AoJ2Hhj1qyu8YHCpBGiggqecdMYKK
=RTho
-----END PGP SIGNATURE-----
Ferenc Wagner (1):
Backport fix of CVE-2009-3300 for SP
Russ Allbery (2):
Bump shlibs and libtool versioning for the libshibsp change
Include a description of the security issue in the changelog
-----------------------------------------------------------------------
--
Debian packaging for the 2.0 Apache Shibboleth SP
More information about the Pkg-shibboleth-devel
mailing list