[SCM] Debian packaging for the 2.0 Apache Shibboleth SP branch, debian, updated. upstream/2.3.1+dfsg-160-gfc2fcc3
Russ Allbery
rra at debian.org
Wed Nov 24 21:30:00 UTC 2010
The following commit has been merged in the debian branch:
commit fc2fcc33b5dd05eca1b3dad1c887a819e5e3c26e
Author: Russ Allbery <rra at debian.org>
Date: Wed Nov 24 13:29:22 2010 -0800
Mention CVE for the world-readable key issue
Add CVE for the world-readable certificate key to the changelog entry
of 2.3.1+dfsg-2 so that the security tracker knows it was fixed.
diff --git a/debian/changelog b/debian/changelog
index 7b6962f..0e495ea 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -12,7 +12,7 @@ shibboleth-sp2 (2.3.1+dfsg-3) UNRELEASED; urgency=low
shibboleth-sp2 (2.3.1+dfsg-2) unstable; urgency=low
* Modify shib-keygen to create the new certificate key group-readable by
- _shibd and not world-readable. (Closes: #571631)
+ _shibd and not world-readable. (Closes: #571631, CVE-2010-2450)
* Force source format 1.0 for now since it makes backporting easier.
* Update debhelper compatibility level to V7.
- Use dh_prep instead of dh_clean -k.
--
Debian packaging for the 2.0 Apache Shibboleth SP
More information about the Pkg-shibboleth-devel
mailing list