-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 24 Nov 2009 16:02:12 +0100 Source: shibboleth-sp2 Binary: libapache2-mod-shib2 libshibsp1 libshibsp-dev libshibsp-doc shibboleth-sp2-schemas Architecture: source i386 all Version: 2.0.dfsg1-4+lenny2 Distribution: stable-security Urgency: high Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org> Changed-By: Ferenc Wagner <wferi@niif.hu> Description: libapache2-mod-shib2 - Federated web single sign-on system (Apache module) libshibsp-dev - Federated web single sign-on system (development) libshibsp-doc - Federated web single sign-on system (API docs) libshibsp1 - Federated web single sign-on system (runtime) shibboleth-sp2-schemas - Federated web single sign-on system (schemas) Closes: 555608 Changes: shibboleth-sp2 (2.0.dfsg1-4+lenny2) stable-security; urgency=high . * SECURITY: Partial fix for improper handling of URLs that could be abused for script injection and other cross-site scripting attacks. The complete fix also requires a newer opensaml2 package. (Closes: #555608, CVE-2009-3300) Checksums-Sha1: c77f4ca965aaf84f9caa041be19dee90a1793017 1672 shibboleth-sp2_2.0.dfsg1-4+lenny2.dsc dad477d1ffb355e1ac1369bcf7db71191934e522 17174 shibboleth-sp2_2.0.dfsg1-4+lenny2.diff.gz 6157a3ac29a690e2f101b0c12a10529e288e16ff 220864 libapache2-mod-shib2_2.0.dfsg1-4+lenny2_i386.deb 113729fbcf810d73f5d7753d4271edcdc7327044 830196 libshibsp1_2.0.dfsg1-4+lenny2_i386.deb 64bc8e4cb5e28c7b9c27c653610f89bc95348842 39896 libshibsp-dev_2.0.dfsg1-4+lenny2_i386.deb 04a3b0e61d42a907d1d6e88e3bb1861d8ce1267d 258520 libshibsp-doc_2.0.dfsg1-4+lenny2_all.deb b40193580e293f55615725842ad7b82161da1a3d 15434 shibboleth-sp2-schemas_2.0.dfsg1-4+lenny2_all.deb Checksums-Sha256: 6edb0f338c28b192460cc8cec1f9f7d82f8a4a52cf255b9b11a58b73595bf06c 1672 shibboleth-sp2_2.0.dfsg1-4+lenny2.dsc 384e32555b4b6f4d34b3f41c926695a820693b8830c8d5ab7723c4bf6ab8d46d 17174 shibboleth-sp2_2.0.dfsg1-4+lenny2.diff.gz 1b9c50e7ad0dfb0aec5a581a94e5d2432a1c3ce335f6ecd575f6054ebd76dcc9 220864 libapache2-mod-shib2_2.0.dfsg1-4+lenny2_i386.deb 421565214eb1c4a5f559435e6c64f3967799b649c741544fd4958d675d2736f8 830196 libshibsp1_2.0.dfsg1-4+lenny2_i386.deb 789042c0627075c7420066e3c7d5418b9e12052282e2557ea68e36430f391892 39896 libshibsp-dev_2.0.dfsg1-4+lenny2_i386.deb abdf8e5c973a8a1a4e6123f57a6b55bd5dd0f866fbbaab6786ffdf870dcd8c35 258520 libshibsp-doc_2.0.dfsg1-4+lenny2_all.deb 5279cdb700033339ad6a36d635016efe6b541d088d1966e21d45376ea2288a75 15434 shibboleth-sp2-schemas_2.0.dfsg1-4+lenny2_all.deb Files: 7cef2a57583d84e46a214475c4a25393 1672 web extra shibboleth-sp2_2.0.dfsg1-4+lenny2.dsc b9b0333f56c573d4a7f9bf608cbc4a89 17174 web extra shibboleth-sp2_2.0.dfsg1-4+lenny2.diff.gz e29f350428d1b68225d7c8ba7cd3a1ae 220864 web extra libapache2-mod-shib2_2.0.dfsg1-4+lenny2_i386.deb 69baa4d5223c2de49c11efb1f5221a60 830196 libs extra libshibsp1_2.0.dfsg1-4+lenny2_i386.deb 92ee9791f3230e4ea0af774d21f94168 39896 libdevel extra libshibsp-dev_2.0.dfsg1-4+lenny2_i386.deb 39b8bdad69f6bfa31730c459da5b575c 258520 doc extra libshibsp-doc_2.0.dfsg1-4+lenny2_all.deb 4f601fe9b3886b22316a141e01e707a6 15434 text extra shibboleth-sp2-schemas_2.0.dfsg1-4+lenny2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkscIDkACgkQ+YXjQAr8dHa+JgCgufsPx9LYWPqqwlZAyuEbkuJ4 iyEAn3LHICZGbtiFAP7Zy72T+a6yWz0H =ByCR -----END PGP SIGNATURE----- Accepted: libapache2-mod-shib2_2.0.dfsg1-4+lenny2_i386.deb to main/s/shibboleth-sp2/libapache2-mod-shib2_2.0.dfsg1-4+lenny2_i386.deb libshibsp-dev_2.0.dfsg1-4+lenny2_i386.deb to main/s/shibboleth-sp2/libshibsp-dev_2.0.dfsg1-4+lenny2_i386.deb libshibsp-doc_2.0.dfsg1-4+lenny2_all.deb to main/s/shibboleth-sp2/libshibsp-doc_2.0.dfsg1-4+lenny2_all.deb libshibsp1_2.0.dfsg1-4+lenny2_i386.deb to main/s/shibboleth-sp2/libshibsp1_2.0.dfsg1-4+lenny2_i386.deb shibboleth-sp2-schemas_2.0.dfsg1-4+lenny2_all.deb to main/s/shibboleth-sp2/shibboleth-sp2-schemas_2.0.dfsg1-4+lenny2_all.deb shibboleth-sp2_2.0.dfsg1-4+lenny2.diff.gz to main/s/shibboleth-sp2/shibboleth-sp2_2.0.dfsg1-4+lenny2.diff.gz shibboleth-sp2_2.0.dfsg1-4+lenny2.dsc to main/s/shibboleth-sp2/shibboleth-sp2_2.0.dfsg1-4+lenny2.dsc
