Ubuntu
shibboleth-sp package

shibboleth-sp 3.2.2+dfsg1-1 source package in Ubuntu

Changelog

shibboleth-sp (3.2.2+dfsg1-1) unstable; urgency=high

  * [e44283d] New upstream release: 3.2.2
    High urgency because it fixes CVE-2021-31826:
    Session recovery feature contains a null pointer dereference
    The cookie-based session recovery feature added in V3.0 contains a
    flaw that is exploitable on systems *not* using the feature if a
    specially crafted cookie is supplied.
    This manifests as a crash in the shibd daemon.
    Because it is very simple to trigger this condition remotely, it
    results in a potential denial of service condition exploitable by
    a remote, unauthenticated attacker.
    Thanks to Scott Cantor (Closes: #987608)
  * [3a6ac33] Refresh our patches

 -- Ferenc Wágner <email address hidden>  Tue, 27 Apr 2021 12:11:06 +0200

Upload details

Uploaded by:
Debian Shib Team
Uploaded to:
Sid
Original maintainer:
Debian Shib Team
Architectures:
any all
Section:
misc
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
shibboleth-sp_3.2.2+dfsg1-1.dsc 2.8 KiB b855713cb278c5d8051cfb248ad7245f58d7182470e8b6c9dec2552697a85fdf
shibboleth-sp_3.2.2+dfsg1.orig.tar.xz 625.6 KiB 14d0d2ca03adf44c77ed5e8738d537dbe6e9abe5a3d6f15d403f9b00964c9f00
shibboleth-sp_3.2.2+dfsg1-1.debian.tar.xz 41.1 KiB 6a4d64544ff5f1bf8028b7ba87519ad50237f52ee157aa4d0138dcab542aef0d

Available diffs

No changes file available.

Binary packages built by this source

libapache2-mod-shib: No summary available for libapache2-mod-shib in ubuntu impish.

No description available for libapache2-mod-shib in ubuntu impish.

libapache2-mod-shib-dbgsym: No summary available for libapache2-mod-shib-dbgsym in ubuntu impish.

No description available for libapache2-mod-shib-dbgsym in ubuntu impish.

libshibsp-dev: No summary available for libshibsp-dev in ubuntu impish.

No description available for libshibsp-dev in ubuntu impish.

libshibsp-doc: No summary available for libshibsp-doc in ubuntu impish.

No description available for libshibsp-doc in ubuntu impish.

libshibsp-plugins: No summary available for libshibsp-plugins in ubuntu impish.

No description available for libshibsp-plugins in ubuntu impish.

libshibsp-plugins-dbgsym: No summary available for libshibsp-plugins-dbgsym in ubuntu impish.

No description available for libshibsp-plugins-dbgsym in ubuntu impish.

libshibsp10: No summary available for libshibsp10 in ubuntu impish.

No description available for libshibsp10 in ubuntu impish.

libshibsp10-dbgsym: No summary available for libshibsp10-dbgsym in ubuntu impish.

No description available for libshibsp10-dbgsym in ubuntu impish.

shibboleth-sp-common: No summary available for shibboleth-sp-common in ubuntu impish.

No description available for shibboleth-sp-common in ubuntu impish.

shibboleth-sp-utils: No summary available for shibboleth-sp-utils in ubuntu impish.

No description available for shibboleth-sp-utils in ubuntu impish.

shibboleth-sp-utils-dbgsym: No summary available for shibboleth-sp-utils-dbgsym in ubuntu impish.

No description available for shibboleth-sp-utils-dbgsym in ubuntu impish.