[SCM] Debian packaging for the Shibboleth Apache SP branch, lenny, created. debian/1.3.1.dfsg1-3-1-gc8a58a5
Russ Allbery
rra at debian.org
Wed Sep 23 05:53:46 UTC 2009
The branch, lenny has been created
at c8a58a54d304dbb51cc157e62efa961d658fec6c (commit)
- Shortlog ------------------------------------------------------------
commit c8a58a54d304dbb51cc157e62efa961d658fec6c
Author: Russ Allbery <rra at debian.org>
Date: Tue Sep 22 16:18:32 2009 -0700
Backport upstream security fix for certificate names containing nul
* SECURITY: Certificate subject names were incorrectly matched against
trusted "key names" when they contained nul characters. This affects
only Shibboleth deployments relying on the "PKIX" style of trust
validation, used in the absence of explicit certificate information in
the SAML metadata provided to the SP and reliance on certificate
authorities found in the <KeyAuthority> metadata extension element.
See <http://shibboleth.internet2.edu/secadv/secadv_20090817.txt>
-----------------------------------------------------------------------
--
Debian packaging for the Shibboleth Apache SP
More information about the Pkg-shibboleth-devel
mailing list