[SCM] Debian packaging for the 2.0 Apache Shibboleth SP annotated tag, debian/2.3+dfsg-1, created. debian/2.3+dfsg-1

Russ Allbery rra at debian.org
Thu Nov 12 00:30:16 UTC 2009


The annotated tag, debian/2.3+dfsg-1 has been created
        at  c7b6cc385d3d71a81669fa513ebcd4f570064a24 (tag)
   tagging  68b291037f5f04ea0b0b27af5516284e52d9624d (commit)
  replaces  debian/2.2.1+dfsg-2
 tagged by  Russ Allbery
        on  Wed Nov 11 16:29:37 2009 -0800

- Shortlog ------------------------------------------------------------
Debian release 2.3+dfsg-1

Format: 1.8
Date: Wed, 11 Nov 2009 14:39:44 -0800
Source: shibboleth-sp2
Binary: libapache2-mod-shib2 libshibsp4 libshibsp-dev libshibsp-doc shibboleth-sp2-schemas
Architecture: source i386 all
Version: 2.3+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Changed-By: Russ Allbery <rra at debian.org>
Description:
 libapache2-mod-shib2 - Federated web single sign-on system (Apache module)
 libshibsp-dev - Federated web single sign-on system (development)
 libshibsp-doc - Federated web single sign-on system (API docs)
 libshibsp4 - Federated web single sign-on system (runtime)
 shibboleth-sp2-schemas - Federated web single sign-on system (schemas)
Closes: 555608
Changes:
 shibboleth-sp2 (2.3+dfsg-1) unstable; urgency=high
 .
   [ Russ Allbery ]
   * Urgency set to high for security fix.
   * New upstream release.
     - SECURITY: Partial fix for improper handling of URLs that could be
       abused for script injection and other cross-site scripting attacks.
       The complete fix also requires newer xmltooling and opensaml2
       packages.  (Closes: #555608, CVE-2009-3300)
     - Avoid shibd crash on dead memcache server.
     - Pass the affiliation name to the session initiator.
     - Correctly handle a bogus ACS.
     - Allow overriding the URL that's passed to the DS.
     - Add schema types for new attribute decoders introduced in 2.2.
     - Handle success with partial logout in the logout UI code.
     - Fix POST data preservation with empty parameters and empty forms.
     - Fix SAML 1 specification of attributes in the query plugin.
     - Shorten ePTId-type persistent identifiers.
     - Use an ID rather than a whole doc reference for generated metadata.
     - Fix spelling of scopeDelimiter in the configuration parser, making
       the code and documentation match the schema.
   * Rename library package for upstream SONAME bump.
   * Tighten build and package dependencies on xmltooling and opensaml2 to
     require the versions with the security fix.
   * Fix watch file for the new version mangling.
   * Improve documentation of DAEMON_OPTS in /etc/default/shibd.
   * Remove unnecessary patches to upstream files regenerated during the
     build from the source package diff.
 .
   [ Faidon Liambotis ]
   * Run make install with NOKEYGEN=1 and stop rm-ing generated
     certificates.  Fixes FTBFS.
 .
   [ Ferenc Wagner ]
   * Run shibd as non-root.
Checksums-Sha1:
 759a0af4d3362c84ba5fe61039d57032b8b83ec6 1636 shibboleth-sp2_2.3+dfsg-1.dsc
 a15ac5bf6c65a26e44a8b5be2fc194edc6574067 807364 shibboleth-sp2_2.3+dfsg.orig.tar.gz
 dcf8a12d5245ab3c35c2a0a7881e27f5c94c6b11 17637 shibboleth-sp2_2.3+dfsg-1.diff.gz
 cd104c7ad311946f36133666c42dae4c9d9089f9 225598 libapache2-mod-shib2_2.3+dfsg-1_i386.deb
 0700e3080a2f566ef7860e78c2cea34e1839cf14 951818 libshibsp4_2.3+dfsg-1_i386.deb
 eda10a972f35975408e0027d9bab40b852883f88 42964 libshibsp-dev_2.3+dfsg-1_i386.deb
 0409cb229a24ab3629bb34d4a7e28c0bed424032 331962 libshibsp-doc_2.3+dfsg-1_all.deb
 34777ccd22bfcaa068c6e686bc14141a3b256890 18268 shibboleth-sp2-schemas_2.3+dfsg-1_all.deb
Checksums-Sha256:
 72e530cd880560a27c1d6f1ed57eacae54693ac0064fae6674e61133e411cfd7 1636 shibboleth-sp2_2.3+dfsg-1.dsc
 5a19c7078dd67d42a97630ea82096bdeb0f09d3a070e67cf7cea9281487e1e88 807364 shibboleth-sp2_2.3+dfsg.orig.tar.gz
 865c4fdfa67219225efccf3a907c98778e33f4e55fa27ea52e9f944c569fd47e 17637 shibboleth-sp2_2.3+dfsg-1.diff.gz
 e35dc4e7d48d849dd91e102b9971a894d3d08ec401b147abe1ce63cceef11e0e 225598 libapache2-mod-shib2_2.3+dfsg-1_i386.deb
 6225d432dfbb5ecd28a92952619896fd5a9a8249253fd00ad0bab209d94369d2 951818 libshibsp4_2.3+dfsg-1_i386.deb
 af00b4f99e8edc763b63eab82f5b2c25830d6b908f9d2b1215b5917aca463a07 42964 libshibsp-dev_2.3+dfsg-1_i386.deb
 58ad0b6f6df170f3b3602ad9d7cc296e2b962f03cde2be447b57e6ca9b7612fa 331962 libshibsp-doc_2.3+dfsg-1_all.deb
 cfb3c93b85e3d930cd8682748765c15e12212afe69d875762a6f6edd4ed5b9ce 18268 shibboleth-sp2-schemas_2.3+dfsg-1_all.deb
Files:
 2f88c18d3f409d31ec7483ef3eaca5a7 1636 web extra shibboleth-sp2_2.3+dfsg-1.dsc
 6d674cfe5862654ab05831a4a5fc2d2b 807364 web extra shibboleth-sp2_2.3+dfsg.orig.tar.gz
 bbf138cb1fb1604452b3ebcbde5ad110 17637 web extra shibboleth-sp2_2.3+dfsg-1.diff.gz
 09c2a32811c93e7b97fcaec16f6166d5 225598 httpd extra libapache2-mod-shib2_2.3+dfsg-1_i386.deb
 c7315ddf839d59cd17071ce911baef3a 951818 libs extra libshibsp4_2.3+dfsg-1_i386.deb
 53869c333d823ff96883f646a2b06e21 42964 libdevel extra libshibsp-dev_2.3+dfsg-1_i386.deb
 d6d2b1fbc88bcb026d4d17ba2885c5cd 331962 doc extra libshibsp-doc_2.3+dfsg-1_all.deb
 b70882e72d1c158c7a661db696855249 18268 text extra shibboleth-sp2-schemas_2.3+dfsg-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEABECAAYFAkr7VwIACgkQ+YXjQAr8dHbtZACgwm4klERFQX/yUf5hcXHfUa/t
W6YAmwTq8rZNXQQWKB/kAanDJzanZ0lV
=kvo1
-----END PGP SIGNATURE-----

Faidon Liambotis (1):
      Run make install with NOKEYGEN=1

Ferenc Wagner (2):
      Run shibd as non-root
      Fix comment typos in init script

Russ Allbery (31):
      Initial changelog for 2.3
      Fix watch file for the new version mangling
      Imported Upstream version 2.3+dfsg
      Merge commit 'upstream/2.3+dfsg'
      Merge branch 'upstream' into bug/init
      Merge branch 'bug/init'
      Merge branch 'upstream' into debian
      Update README.Debian for new require session syntax
      Add additional upstream changes for 2.3
      Merge branch 'debian'
      Tighten build and package dependencies
      Bump urgency for security fix
      Rename library package for upstream SONAME bump
      Merge branch 'debian'
      Fix another location of the library package name
      Merge branch 'debian'
      Revert local modification of shibsp/paths.h
      Revert to upstream configs/Makefile.in
      Document removal of unnecessary patches to generated files
      Improve documentation of DAEMON_OPTS in /etc/default/shibd
      Additional documentation and formatting for DAEMON_USER support
      Add a NEWS.Debian entry for the shibd run-time user change
      Merge branch 'debian'
      Make NEWS.Debian urgency match debian/changelog urgency
      Finalize changes for 2.3+dfsg-1
      Merge branch 'debian'
      Fix stray whitespace in init restart rule from mismerge
      Fix logic mistake in shibd as non-root user probe
      Fix documentation in /etc/default/shibd
      Update date for the 2.3+dfsg-1 release
      Merge branch 'debian'

-----------------------------------------------------------------------

-- 
Debian packaging for the 2.0 Apache Shibboleth SP



More information about the Pkg-shibboleth-devel mailing list