shibboleth-sp2_2.2.1+dfsg-1_i386.changes is NEW

Archive Administrator installer at ftp-master.debian.org
Tue Sep 8 01:02:19 UTC 2009


libapache2-mod-shib2_2.2.1+dfsg-1_i386.deb
  to pool/main/s/shibboleth-sp2/libapache2-mod-shib2_2.2.1+dfsg-1_i386.deb
libshibsp-dev_2.2.1+dfsg-1_i386.deb
  to pool/main/s/shibboleth-sp2/libshibsp-dev_2.2.1+dfsg-1_i386.deb
libshibsp-doc_2.2.1+dfsg-1_all.deb
  to pool/main/s/shibboleth-sp2/libshibsp-doc_2.2.1+dfsg-1_all.deb
(new) libshibsp3_2.2.1+dfsg-1_i386.deb extra libs
Federated web single sign-on system (runtime)
 The Shibboleth System is a standards based software package for web
 single sign-on across or within organizational boundaries.  It supports
 authorization and attribute exchange using the OASIS SAML 2.0 protocol.
 Shibboleth allows sites to make informed authorization decisions for
 individual access of protected online resources while allowing users to
 establish their identities with their local authentication systems.
 .
 This package contains the Shibboleth SP runtime library.
shibboleth-sp2-schemas_2.2.1+dfsg-1_all.deb
  to pool/main/s/shibboleth-sp2/shibboleth-sp2-schemas_2.2.1+dfsg-1_all.deb
shibboleth-sp2_2.2.1+dfsg-1.diff.gz
  to pool/main/s/shibboleth-sp2/shibboleth-sp2_2.2.1+dfsg-1.diff.gz
shibboleth-sp2_2.2.1+dfsg-1.dsc
  to pool/main/s/shibboleth-sp2/shibboleth-sp2_2.2.1+dfsg-1.dsc
shibboleth-sp2_2.2.1+dfsg.orig.tar.gz
  to pool/main/s/shibboleth-sp2/shibboleth-sp2_2.2.1+dfsg.orig.tar.gz
Changes: shibboleth-sp2 (2.2.1+dfsg-1) unstable; urgency=high
 .
  * New upstream release.
    - SECURITY: Fix improper handling of certificate names containing nul
      characters.
    - SECURITY: Correctly validate the use attribute of KeyDescriptors,
      preventing use of a key for signing or for encryption if its use
      field says it may not be used for that purpose.
    - New shib-metagen script for generating Shibboleth SP metadata.
    - Support preserving form data across user authentication.
    - Support internal server redirection while maintaining protection.
    - Fix incompatibility between lazy sessions and servlet containers.
    - Fix some problems with dynamic metadata resolution.
    - Fix incompatibility with mod_include.
    - Fix single logout via SOAP.
    - Fix shibd crash with invalid metadata.
    - Fix crash in chaining attribute resolver.
    - Avoid infinite loop on empty attribute mapped to REMOTE_USER.
    - Fix handling of some Unicode data in relaystate data in URLs.
    - Correctly return Success to LogoutRequest where appropriate.
    - Avoid chunked encoding in back-channel calls.
    - Correctly check Recipient values in assertions.
    - Fix attributePrefix handling in some contexts.
    - Fix generated metadata DiscoveryResponse.
    - Fix handling of unsigned responses with encryption.
    - Fix handling of InProcess property.
  * Rename library package for upstream SONAME bump.
  * Tighten build dependencies and schema package dependencies on
    opensaml2 and xmltooling.
  * Build against Xerces-C 3.0.
  * Dynamically determine the Debian and upstream package versions for
    get-orig-source from debian/changelog.
  * Update libapache2-mod-shib2's README.Debian for changes to the
    TestShib web pages.
  * Use the automatically-extracted package version as the version number
    for the man pages.
  * Update standards version to 3.8.3.
    - Create /var/run/shibboleth in the init script if it doesn't exist.
    - Don't ship /var/run/shibboleth in the package.
    - Remove /var/run/shibboleth in postrm if it exists.


Override entries for your package:
libapache2-mod-shib2_2.2.1+dfsg-1_i386.deb - extra httpd
libshibsp-dev_2.2.1+dfsg-1_i386.deb - extra libdevel
libshibsp-doc_2.2.1+dfsg-1_all.deb - extra doc
shibboleth-sp2-schemas_2.2.1+dfsg-1_all.deb - extra text
shibboleth-sp2_2.2.1+dfsg-1.dsc - source web

Announcing to debian-devel-changes at lists.debian.org


Your package contains new components which requires manual editing of
the override file.  It is ok otherwise, so please be patient.  New
packages are usually added to the override file about once a week.

You may have gotten the distribution wrong.  You'll get warnings above
if files already exist in other distributions.



More information about the Pkg-shibboleth-devel mailing list