Shibboleth security fixes for Debian lenny
Russ Allbery
rra at debian.org
Fri Sep 18 17:01:31 UTC 2009
Russ Allbery <rra at debian.org> writes:
> I've just pushed updates to the lenny branches of xmltooling, opensaml2,
> and shibboleth-sp2, which backport the security fixes for the
> vulnerabilities:
> http://shibboleth.internet2.edu/secadv/secadv_20090826.txt
> http://shibboleth.internet2.edu/secadv/secadv_20090817.txt
> http://shibboleth.internet2.edu/secadv/secadv_20090817a.txt
> I've tested the resulting packages against TestShib Two and they work to
> that extent, but as before I'm not in a position to do any sophisticated
> testing. If you're in a position to test and could give it a try, that
> would be great. The packages should build without any trouble on lenny.
I got the wrong pieces of this fix -- please hold off from testing for
right now. I'll get the right pieces and retest a better fix.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-shibboleth-devel
mailing list