-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 22 Sep 2009 19:37:40 -0700 Source: opensaml2 Binary: libsaml2 libsaml2-dev opensaml2-tools opensaml2-schemas libsaml2-doc Architecture: source amd64 all Version: 2.0-2+lenny1 Distribution: stable-security Urgency: high Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org> Changed-By: Russ Allbery <rra@debian.org> Description: libsaml2 - Security Assertion Markup Language library (runtime) libsaml2-dev - Security Assertion Markup Language library (development) libsaml2-doc - Security Assertion Markup Language library (API docs) opensaml2-schemas - Security Assertion Markup Language library (XML schemas) opensaml2-tools - Security Assertion Markup Language command-line tools Changes: opensaml2 (2.0-2+lenny1) stable-security; urgency=high . * SECURITY: Correctly honor the "use" attribute of <KeyDescriptor> SAML metadata to honor restrictions to signing or encryption. This is a partial fix; the complete fix also requires a new version of the xmltooling library. See <http://shibboleth.internet2.edu/secadv/secadv_20090817a.txt> Checksums-Sha1: 0bc8182d845bbcd329b216c3c1a73c69bade9468 1449 opensaml2_2.0-2+lenny1.dsc 6109f6fe89565532409c393a9a2f6fe882298ec7 705058 opensaml2_2.0.orig.tar.gz 026e7c52ff8351a29c3a41d54910e35c90551fb6 6582 opensaml2_2.0-2+lenny1.diff.gz ca37f39e1fc30ab82093e000914b3e803e67faf0 1191192 libsaml2_2.0-2+lenny1_amd64.deb 27b771ee706e1fb7c213da09f6a245753a52820d 44682 libsaml2-dev_2.0-2+lenny1_amd64.deb 932ddd26976a52f614c436b860397ca83559ecbe 28296 opensaml2-tools_2.0-2+lenny1_amd64.deb 4076d9315874c5edcbcfdcf311fd2006eda86cfb 22936 opensaml2-schemas_2.0-2+lenny1_all.deb 80297ff9ddac03a2ab270d6de90164cc3628d397 320978 libsaml2-doc_2.0-2+lenny1_all.deb Checksums-Sha256: 603e390a038e5c3ff1e9e20c83814954b606e2d0da75ef37904456437d6561fb 1449 opensaml2_2.0-2+lenny1.dsc 539a788a8a136c5541a963017f5efa526cb49b2db2c18c97cb9d3c1f171ac8b0 705058 opensaml2_2.0.orig.tar.gz a1b8ea3c033965c91c552cb6714428a092cced65b790870199d7117d8e17ac93 6582 opensaml2_2.0-2+lenny1.diff.gz abfdbb1d768bc9895b5148efd9f77a225c88c4e2b9468de7caa6f0f661802623 1191192 libsaml2_2.0-2+lenny1_amd64.deb 6a2f48978610a8f940e20a3bc8b8ecef56a8a27e9d94b9d3358a023447b04a76 44682 libsaml2-dev_2.0-2+lenny1_amd64.deb 5d6489769dfdcea50a79b2242b35780c0af4114a2852a7394c632ee4c3285a19 28296 opensaml2-tools_2.0-2+lenny1_amd64.deb a89413a45eab7ff10876249c1b64498e22773cc4c716f8b9fdafdbca84741b72 22936 opensaml2-schemas_2.0-2+lenny1_all.deb 4573ef24bb6dbf8898d72c8fcd3343101955c50013aa359983f5ff293c34e310 320978 libsaml2-doc_2.0-2+lenny1_all.deb Files: 5c628a5dd4614555953e410a78009298 1449 libs extra opensaml2_2.0-2+lenny1.dsc 85968f3c72cb789b11c9d01209e4d46b 705058 libs extra opensaml2_2.0.orig.tar.gz 2c4fe0169aa897da269107fe43727965 6582 libs extra opensaml2_2.0-2+lenny1.diff.gz 50e10dd708890b191da818107c3f096d 1191192 libs extra libsaml2_2.0-2+lenny1_amd64.deb a4d2f8e45f3f661e96d7313bac7656a4 44682 libdevel extra libsaml2-dev_2.0-2+lenny1_amd64.deb 41e3a07a37cd11363659bc7023d8177c 28296 text extra opensaml2-tools_2.0-2+lenny1_amd64.deb 3524f5c9de24e6dd6ce655099534a5ec 22936 text extra opensaml2-schemas_2.0-2+lenny1_all.deb 8f55a5e0788336b563241aa9787e4f19 320978 doc extra libsaml2-doc_2.0-2+lenny1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkrM3fIACgkQVty5d8XpUzPjiQCfQhv8clYOBtOvR7zYTPFcSWPn KeYAn01w18dVTIBwslk7lYDHVnJEZ3jj =Fvn5 -----END PGP SIGNATURE----- Accepted: libsaml2-dev_2.0-2+lenny1_amd64.deb to pool/main/o/opensaml2/libsaml2-dev_2.0-2+lenny1_amd64.deb libsaml2-doc_2.0-2+lenny1_all.deb to pool/main/o/opensaml2/libsaml2-doc_2.0-2+lenny1_all.deb libsaml2_2.0-2+lenny1_amd64.deb to pool/main/o/opensaml2/libsaml2_2.0-2+lenny1_amd64.deb opensaml2-schemas_2.0-2+lenny1_all.deb to pool/main/o/opensaml2/opensaml2-schemas_2.0-2+lenny1_all.deb opensaml2-tools_2.0-2+lenny1_amd64.deb to pool/main/o/opensaml2/opensaml2-tools_2.0-2+lenny1_amd64.deb opensaml2_2.0-2+lenny1.diff.gz to pool/main/o/opensaml2/opensaml2_2.0-2+lenny1.diff.gz opensaml2_2.0-2+lenny1.dsc to pool/main/o/opensaml2/opensaml2_2.0-2+lenny1.dsc