Security updates for opensaml and shibboleth-sp

Russ Allbery rra at debian.org
Fri Sep 25 03:41:04 UTC 2009


Hello folks,

Attached are the updates for the Shibboleth 1.x packages that correspond
to the just-published DSA-1895 for xmltooling and the Shibboleth 2.x
environment.  In Shibboleth 2.x, xmltooling abstracts out a lot of shared
utility code, so the corresponding fixes for 1.x have to be applied to
both the opensaml library package and to the shibboleth-sp package.  (1.x
won't be in squeeze, only 2.x.)

Diffs for etch will be coming in the next message.  They're a bit
different since, for etch, the packages used quilt for patch management
(we've since switched to Git).

Please let me know if I should upload these to the stable-security queue.
In this code, the opensaml fix is in a *.cpp file, so I don't believe the
security build ordering matters for the two packages and it should be safe
to build the shibboleth-sp package against the lenny opensaml package.

-- 
Russ Allbery (rra at debian.org)               <http://www.eyrie.org/~eagle/>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: opensaml-lenny.diff
Type: text/x-diff
Size: 1196 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-shibboleth-devel/attachments/20090924/6b3d9c5b/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: shibboleth-sp-lenny.diff
Type: text/x-diff
Size: 16898 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-shibboleth-devel/attachments/20090924/6b3d9c5b/attachment-0001.diff>


More information about the Pkg-shibboleth-devel mailing list