Back to opensaml2 PTS page

Accepted opensaml2 2.3-2+squeeze1 (source i386 all)

To: debian-changes@lists.debian.org
Subject: Accepted opensaml2 2.3-2+squeeze1 (source i386 all)
From: Russ Allbery <rra@debian.org>
Date: Tue, 10 Jan 2012 09:17:46 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1RkXpy-0007sg-0H@franck.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <dak@franck.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 22 Jul 2011 19:07:07 -0700
Source: opensaml2
Binary: libsaml6 libsaml2-dev opensaml2-tools opensaml2-schemas libsaml2-doc
Architecture: source i386 all
Version: 2.3-2+squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description: 
 libsaml2-dev - Security Assertion Markup Language library (development)
 libsaml2-doc - Security Assertion Markup Language library (API docs)
 libsaml6   - Security Assertion Markup Language library (runtime)
 opensaml2-schemas - Security Assertion Markup Language library (XML schemas)
 opensaml2-tools - Security Assertion Markup Language command-line tools
Changes: 
 opensaml2 (2.3-2+squeeze1) stable-security; urgency=high
 .
   * SECURITY: Fix vulnerability to a "wrapping attack" that could allow a
     remote, unauthenticated attacker to craft messages that can be
     successfully verified but contain arbitrary content.  This may allow
     an attacker to subvert the security of software using OpenSAML and
     supply an unauthenticated login identity and data under the guise of a
     trusted issuer.  (CVE-2011-1411)
Checksums-Sha1: 
 afab7802e1fdadbb7f586cfc44dace4960a7a0e6 1772 opensaml2_2.3-2+squeeze1.dsc
 d5b29a25a26a85957379279280b0f530146ec185 926057 opensaml2_2.3.orig.tar.gz
 52979f08453bc78eaaba33a360a2da626a9112e7 8796 opensaml2_2.3-2+squeeze1.diff.gz
 8633a0feadcd04d86021872bbbc66874f95b87f7 1195068 libsaml6_2.3-2+squeeze1_i386.deb
 d725b463360d35e0444ed612c6f8cd32372a2f6c 47924 libsaml2-dev_2.3-2+squeeze1_i386.deb
 d3a9b82af5ca9bbcb76581274f8a6f9293af94cf 26558 opensaml2-tools_2.3-2+squeeze1_i386.deb
 b3a33026f5c30986300369fca310fa50ef04b8b5 28286 opensaml2-schemas_2.3-2+squeeze1_all.deb
 70c022966bbd23f750b4a64892382112d643f7e0 410884 libsaml2-doc_2.3-2+squeeze1_all.deb
Checksums-Sha256: 
 45d8189bec05a0aafa5d9f5f6f7659714fda41f1fcb2938c639519053abf030e 1772 opensaml2_2.3-2+squeeze1.dsc
 027b3b9a6f5c147dd434d52e674ca238672412595dfa18675a70bafc5495e2fd 926057 opensaml2_2.3.orig.tar.gz
 de46ac0eed6f6ea9ef7a1222760aacc2f62b988e4c13040827edeacb4c31aa54 8796 opensaml2_2.3-2+squeeze1.diff.gz
 5e64d9e98c26634bf025c8341d4bf35c6764d3570e590683b807cd3bf8dd4ff4 1195068 libsaml6_2.3-2+squeeze1_i386.deb
 ee5dc6963621f0adc0561b8aef408364c0d759dbacdb39b35017fc5450f37ae4 47924 libsaml2-dev_2.3-2+squeeze1_i386.deb
 06468aabfdc86cf4e805509db7a1a7d4b4ecf324f082a8f48626e90fe488f0d9 26558 opensaml2-tools_2.3-2+squeeze1_i386.deb
 d4f3e0813ae6497bff9da3d6582bce2b675d24645b5e6e5133c7a77d398abc05 28286 opensaml2-schemas_2.3-2+squeeze1_all.deb
 8adc0728346c358ec413e01cc0762ac4df86f1f736881465b2d9faed5d9a97ac 410884 libsaml2-doc_2.3-2+squeeze1_all.deb
Files: 
 ae53f03e848731bf7c86f72b908670e1 1772 libs extra opensaml2_2.3-2+squeeze1.dsc
 9695d40cb28519c2cde8211cd1c3dc69 926057 libs extra opensaml2_2.3.orig.tar.gz
 579fb8d8826139a15f1b9cdce95fffcc 8796 libs extra opensaml2_2.3-2+squeeze1.diff.gz
 67a6d395ebde57e975ea6baf53d32454 1195068 libs extra libsaml6_2.3-2+squeeze1_i386.deb
 1a3f283752851bf65fdbb3d5dae9bbe4 47924 libdevel extra libsaml2-dev_2.3-2+squeeze1_i386.deb
 ac620153adbadf7707d5d27bb360a477 26558 text extra opensaml2-tools_2.3-2+squeeze1_i386.deb
 02eb55fa35d25f54d48e17ac74bdd014 28286 text extra opensaml2-schemas_2.3-2+squeeze1_all.deb
 48e3e4a75a0174b999b640431b420c5e 410884 doc extra libsaml2-doc_2.3-2+squeeze1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJOjGzTAAoJEOxfUAG2iX570REH/28EJV81OlR/eRCtqpAVhSFM
R4RqcE8rOuGWN8EhNgr4I1j5JrogwuZJasopJ71nuqiRZ8wzfFzukzxeOpD+tpJB
WYhy+Sc2cqdITLxSc0pNdFfTvlS7F9mYxXNqfYE+KYEICK7U6FHqniSPskj+IYU6
pU7n0SUcRCc/5VX5O/luq/rh7Hzfiw2KXHE2OSuuiCIdkyIUsCDO1dJ5i5vnif2J
ZhIjt8r+1X4fQUAq1h/FN4ukj8bfc+eWj1XmAixrN/vOGDsV8WIkAzXq0lCiNtwK
NeOJSRWeQ/2uJfX0fBCpcdwZwDCsxqrrOWUgEUgaxZiXng+aY0E5q5eL11h6btU=
=E7Lr
-----END PGP SIGNATURE-----


Accepted:
libsaml2-dev_2.3-2+squeeze1_i386.deb
  to main/o/opensaml2/libsaml2-dev_2.3-2+squeeze1_i386.deb
libsaml2-doc_2.3-2+squeeze1_all.deb
  to main/o/opensaml2/libsaml2-doc_2.3-2+squeeze1_all.deb
libsaml6_2.3-2+squeeze1_i386.deb
  to main/o/opensaml2/libsaml6_2.3-2+squeeze1_i386.deb
opensaml2-schemas_2.3-2+squeeze1_all.deb
  to main/o/opensaml2/opensaml2-schemas_2.3-2+squeeze1_all.deb
opensaml2-tools_2.3-2+squeeze1_i386.deb
  to main/o/opensaml2/opensaml2-tools_2.3-2+squeeze1_i386.deb
opensaml2_2.3-2+squeeze1.diff.gz
  to main/o/opensaml2/opensaml2_2.3-2+squeeze1.diff.gz
opensaml2_2.3-2+squeeze1.dsc
  to main/o/opensaml2/opensaml2_2.3-2+squeeze1.dsc