[SCM] Debian packaging for the Shibboleth Apache SP branch, etch, created. 6373fe6a46b4aa319f1f63d4873ce44c97d33139
Russ Allbery
rra at debian.org
Wed Sep 23 05:53:46 UTC 2009
The branch, etch has been created
at 6373fe6a46b4aa319f1f63d4873ce44c97d33139 (commit)
- Shortlog ------------------------------------------------------------
commit 6373fe6a46b4aa319f1f63d4873ce44c97d33139
Author: Russ Allbery <rra at debian.org>
Date: Tue Sep 22 17:38:25 2009 -0700
Backport upstream security fix for certificate names containing nul
* SECURITY: Certificate subject names were incorrectly matched against
trusted "key names" when they contained nul characters. This affects
only Shibboleth deployments relying on the "PKIX" style of trust
validation, used in the absence of explicit certificate information in
the SAML metadata provided to the SP and reliance on certificate
authorities found in the <KeyAuthority> metadata extension element.
See <http://shibboleth.internet2.edu/secadv/secadv_20090817.txt>
-----------------------------------------------------------------------
--
Debian packaging for the Shibboleth Apache SP
More information about the Pkg-shibboleth-devel
mailing list