Upstream Security Vulnerability?
Peter Schober
peter.schober at univie.ac.at
Wed Mar 19 17:37:53 GMT 2025
Jonathan Proulx <jon at csail.mit.edu> [2025-03-19 18:30 CET]:
> I was notified of
> https://shibboleth.net/community/advisories/secadv_20250313.txt by our
> campus security team.
Note that if you're a deployer of the software (or are required to
stay on top of in these things for other reasons) you should stay
informed about these things:
1. via the communication channels offered by the upstream project:
https://shibboleth.net/mailman/listinfo/announce
2. via the debian-security-announce mailing list
https://www.debian.org/security/
All of which have provided information about this in a timely fashion:
https://shibboleth.net/pipermail/announce/2025-March/thread.html
https://lists.debian.org/debian-security-announce/2025/msg00041.html
Best regards,
-peter
More information about the Pkg-shibboleth-devel
mailing list