[SCM] Debian packaging for the Shibboleth Apache SP annotated tag, debian/1.3.1.dfsg1-3+lenny1, created. debian/1.3.1.dfsg1-3+lenny1

Russ Allbery rra at debian.org
Sat Sep 26 23:07:49 UTC 2009 

The annotated tag, debian/1.3.1.dfsg1-3+lenny1 has been created
        at  2ff37ba4c7a7c0c30784be59b6a21833f98095d6 (tag)
   tagging  561f181fcbbcc4ee85860a2cc96740e442281155 (commit)
  replaces  debian/1.3.1.dfsg1-3
 tagged by  Russ Allbery
        on  Sat Sep 26 16:06:40 2009 -0700

- Shortlog ------------------------------------------------------------
Debian release 1.3.1.dfsg1-3+lenny1

Format: 1.8
Date: Thu, 24 Sep 2009 20:27:16 -0700
Source: shibboleth-sp
Binary: libshib-dev libshib6 libshib-target5 libapache2-mod-shib
Architecture: source i386
Version: 1.3.1.dfsg1-3+lenny1
Distribution: stable-security
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel at lists.alioth.debian.org>
Changed-By: Russ Allbery <rra at debian.org>
Description:
 libapache2-mod-shib - Federated web single sign-on system (Apache module)
 libshib-dev - Federated web single sign-on system (development)
 libshib-target5 - Federated web single sign-on system (target runtime)
 libshib6   - Federated web single sign-on system (runtime)
Changes:
 shibboleth-sp (1.3.1.dfsg1-3+lenny1) stable-security; urgency=high
 .
   * SECURITY: Correctly handle decoding of malformed URLs, closing a
     possibly exploitable buffer overflow.
     See <http://shibboleth.internet2.edu/secadv/secadv_20090826.txt>
   * SECURITY: Certificate subject names were incorrectly matched against
     trusted "key names" when they contained nul characters.  This affects
     only Shibboleth deployments relying on the "PKIX" style of trust
     validation, used in the absence of explicit certificate information in
     the SAML metadata provided to the SP and reliance on certificate
     authorities found in the <KeyAuthority> metadata extension element.
     See <http://shibboleth.internet2.edu/secadv/secadv_20090817.txt>
Checksums-Sha1:
 ae44334485eb23f1eb3c5c258158b17f4908d150 1591 shibboleth-sp_1.3.1.dfsg1-3+lenny1.dsc
 1c651e45b2ca9e48c6c5aae3401fb1f0281b169e 761686 shibboleth-sp_1.3.1.dfsg1.orig.tar.gz
 4dd115835cf12aac5e8c917e76cffc3e49dc2f94 30356 shibboleth-sp_1.3.1.dfsg1-3+lenny1.diff.gz
 642df8830c36b9c2814f51ca5b9dabe6b36eaf2f 421360 libshib-dev_1.3.1.dfsg1-3+lenny1_i386.deb
 26720c16d2abdd5e5775af3f9612d96a96e30249 78522 libshib6_1.3.1.dfsg1-3+lenny1_i386.deb
 d1d30ace2aad20cfe79603f0e08cc84f1257401a 197712 libshib-target5_1.3.1.dfsg1-3+lenny1_i386.deb
 3eec58a7c4bc86516b1b2dcbe99b2c9b3d2ab8d0 3512518 libapache2-mod-shib_1.3.1.dfsg1-3+lenny1_i386.deb
Checksums-Sha256:
 4f8ccc143b9ef7d12d2ca9089d6d18e539f17cc9041a3f86517a1b85f88267df 1591 shibboleth-sp_1.3.1.dfsg1-3+lenny1.dsc
 432ca216381d9461744c4dc044754fed261484824ec6d76da7e5ca4e252d6d20 761686 shibboleth-sp_1.3.1.dfsg1.orig.tar.gz
 e669e07d974584410f4034280153c2406473b54f5c82d1441beef2cb9b503a48 30356 shibboleth-sp_1.3.1.dfsg1-3+lenny1.diff.gz
 b52ff3d946878c8e5b36bd59056fbc275e458911a736e20a7ce9bdff7dde128f 421360 libshib-dev_1.3.1.dfsg1-3+lenny1_i386.deb
 a2a30d6beecce4d2e97ed28a45eab9c6b39572429efef5f7e8b3c466d87f4867 78522 libshib6_1.3.1.dfsg1-3+lenny1_i386.deb
 7dd6c5844cd8fd4c96d27174063e97a123cc4493e272c0590f17fc2e550da149 197712 libshib-target5_1.3.1.dfsg1-3+lenny1_i386.deb
 3fa22dbf55810da67aab093d5cb1bdd94d3d96cf455edd6f420f99d65ee3a34e 3512518 libapache2-mod-shib_1.3.1.dfsg1-3+lenny1_i386.deb
Files:
 957e199b8371dd0b00b354b6b6464fba 1591 web optional shibboleth-sp_1.3.1.dfsg1-3+lenny1.dsc
 996ac4370cd8cb91528169c1e2c337b6 761686 web optional shibboleth-sp_1.3.1.dfsg1.orig.tar.gz
 b055345581eadf17a1f169e9ac31f474 30356 web optional shibboleth-sp_1.3.1.dfsg1-3+lenny1.diff.gz
 e4c83085f5a4f14156d24aff2b4b48f2 421360 libdevel extra libshib-dev_1.3.1.dfsg1-3+lenny1_i386.deb
 02ee34906281e3e4b7a361b95ac92756 78522 libs optional libshib6_1.3.1.dfsg1-3+lenny1_i386.deb
 3b688248585cdb7f4d80496a84898585 197712 libs optional libshib-target5_1.3.1.dfsg1-3+lenny1_i386.deb
 5824ef05fb06f828505c2d31fcc6dae3 3512518 web optional libapache2-mod-shib_1.3.1.dfsg1-3+lenny1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEABECAAYFAkq+npIACgkQ+YXjQAr8dHYi+gCglRq0+QGqFaAU6TfRruQmhLRa
ZiQAn38iBIkrCBaTGM8Y/4FvURyHmIuf
=M0RF
-----END PGP SIGNATURE-----

Russ Allbery (3):
      Backport upstream security fix for certificate names containing nul
      Backport upstream security patch for URL parsing
      Finalize changes for 1.3.1.dfsg1-3+lenny1

-----------------------------------------------------------------------

-- 
Debian packaging for the Shibboleth Apache SP

More information about the Pkg-shibboleth-devel mailing list