-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 20 Nov 2017 23:21:23 +0100
Source: shibboleth-sp2
Binary: libapache2-mod-shib2 libshibsp7 libshibsp-plugins libshibsp-dev libshibsp-doc shibboleth-sp2-common shibboleth-sp2-utils
Architecture: source
Version: 2.6.1+dfsg1-1
Distribution: unstable
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
libapache2-mod-shib2 - Federated web single sign-on system (Apache module)
libshibsp-dev - Federated web single sign-on system (development)
libshibsp-doc - Federated web single sign-on system (API docs)
libshibsp-plugins - Federated web single sign-on system (plugins)
libshibsp7 - Federated web single sign-on system (runtime)
shibboleth-sp2-common - Federated web single sign-on system (common files)
shibboleth-sp2-utils - Federated web single sign-on system (daemon and utilities)
Changes:
shibboleth-sp2 (2.6.1+dfsg1-1) unstable; urgency=high
.
* [a15d712] New upstream release (2.6.1)
Security fix for CVE-2017-16852:
Rod Widdowson of Steading System Software LLP discovered a coding error in
the "Dynamic" metadata plugin of the Shibboleth Service Provider, causing
the plugin to fail configuring itself with the filters provided and
omitting whatever checks they are intended to perform.
* [a86acfd] Remove an incorporated upstream patch, refresh the rest
* [ceecf3a] Update Standards-Version to 4.1.1 (no changes needed)
* [a09dc9f] The functionality of dh-systemd was merged into debhelper proper
* [68b792b] Move repacking options into the watch file.
We have to resort to unconditional repacking to be able to change
the compression scheme. However, mk-origtargz will warn if the
file exclusion pattern does not match, so we can disable repacking
whenever it gets unnecessary for DFSG reasons.
* [1c10238] Drop now-unused Lintian override, #736360 is fixed in 2.5.57
Checksums-Sha1:
ba4bea9852e3ca9e3c889767ff1967380d180e8e 2891 shibboleth-sp2_2.6.1+dfsg1-1.dsc
1e20538512ea500b2bb1a7076c6f07d75ef89174 764601 shibboleth-sp2_2.6.1+dfsg1.orig.tar.bz2
cd1cdafe23330fe26d39b0a29d4bd91190214cac 81632 shibboleth-sp2_2.6.1+dfsg1-1.debian.tar.xz
e82d20dbfeb8eca9b0c14c68b59a1a455b3ad76c 12275 shibboleth-sp2_2.6.1+dfsg1-1_amd64.buildinfo
Checksums-Sha256:
043c605b8e1aedc71f1ed7f35fb35ae941bd8955c630cb4146569d741b7262b3 2891 shibboleth-sp2_2.6.1+dfsg1-1.dsc
9f8131694dfc7820a2c48ac2d79f1f85f6d185b0f699e468c74a7b83f69daf52 764601 shibboleth-sp2_2.6.1+dfsg1.orig.tar.bz2
acab6945365ba6b4ea06eaba223d643ef50edd5c9079f20b099ac12054046cfb 81632 shibboleth-sp2_2.6.1+dfsg1-1.debian.tar.xz
1569fee0825001ee95ded48fc7983c3fb5120d5064ef578146ebcf0739394930 12275 shibboleth-sp2_2.6.1+dfsg1-1_amd64.buildinfo
Files:
7d3034e19e2cf377540b9f934f9d3d10 2891 web optional shibboleth-sp2_2.6.1+dfsg1-1.dsc
7e0d269e4bddd10c863d2350a8d9f006 764601 web optional shibboleth-sp2_2.6.1+dfsg1.orig.tar.bz2
2bb232419534777d0a5cb2e7d3595a28 81632 web optional shibboleth-sp2_2.6.1+dfsg1-1.debian.tar.xz
2b1012bf6449aa3b8f5805b688882543 12275 web optional shibboleth-sp2_2.6.1+dfsg1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEwddEx0RNIUL7eugtOsj3Fkd+2yMFAloTVxwACgkQOsj3Fkd+
2yPZQhAAmD6bk4rVHK3XAACuaw7BLfBGZrOJ29wq1Y2ISX+skL4Db1qlKt7rwa18
hLwS4u97t3weawtzarZA8Z+tlUWDALjCPSu65t0iEtaiYc/VsyrQB4NcnjSD9Rtq
Tctw2dDUQCVGuHFP5ItmJMsMqoAPPFO7RGtmw15p/Y3xF6RrYwB7MjkMBvP41nyy
FZnxjZ+HJ7jTzIyK0K5jmvx1cKvsOtBy0Rh3QRhPeIlxfWkJ3p4qRtDxGCY8jXNo
gf4g+6z9TnHWWN7v6OJ5Y/R41T4RBhPRlMHuT/j5ciK9pl5hvJlxe/JoPdDP0WJR
XbrjyArVIBpq+TnhsIezodGGc50hx2VmcGDeFfQG9Q2iWuTqj1lBF6C8lErdTk3y
K8r8RhxPdyQHeKW2U5djmdyqFyPKB+OIudv01vANkzhQrNBT4++kMGUtRHeMTplt
dFE+LhhQXueciUgj01lg1rT6wjlTx7e5uolM+K6b6DexO9EnjLXc1v6HXg9TkOOI
9vUJPWpXZeyjBjOP4zdYWiKHw0PFXo2DGbWpmxDR7ibf3yQyhi8P+3Fy7yLaJsUB
+EakVXEAB28LdAVs9n//POEXPKISvliorqBDXZvsenFGP1hOLzlnqSs4cmY7W9nC
VklqAfXZRjNMo54DGUy8rlgiaTp0Ax4YhW9mQRgsHZKqIH4GoNI=
=unnp
-----END PGP SIGNATURE-----
