Bug#793855: DoS, Shibboleth SP software crashes on well-formed but invalid XML (CVE-2015-0851)

Ferenc Wagner wferi at niif.hu
Tue Jul 28 10:15:43 UTC 2015

We're already working on this with the Security Team.  I wonder if I
should prepare new packages (for {wheezy,jessie}-security) with the
changelogs closing this bug.  Or should it be closed by the unstable
upload of 1.5.5?  The proposed security uploads can be found at

More information about the Pkg-shibboleth-devel mailing list