[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 4038-1] shibboleth-sp2 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4038-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 16, 2017                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : shibboleth-sp2
CVE ID         : CVE-2017-16852
Debian Bug     : 881857

Rod Widdowson of Steading System Software LLP discovered a coding error
in the "Dynamic" metadata plugin of the Shibboleth Service Provider,
causing the plugin to fail configuring itself with the filters provided
and omitting whatever checks they are intended to perform.

For the oldstable distribution (jessie), this problem has been fixed
in version 2.5.3+dfsg-2+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 2.6.0+dfsg1-4+deb9u1.

We recommend that you upgrade your shibboleth-sp2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAloOARpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RFRRAAno8d8GNe1UlI2rMaXfvWfbD4iJLjHY0BbsRr5QcARAQwwAYegBrGtL5S
J5iCiVB+/6xxDeGzInAkGjZfQV2hcWob1fliNDGTExme0QpQIEyjoPQi9G4iWtJ2
J19tuh/tlXKsmWr/qD90T4ARAxtOMMJlTzHCj/MP0LCB6FKOIccIfXqdx3qhmUDg
2RZYW94EM7P4p6EdTKr7doYICpD5wT5glDWSuvIDcuPipjjQqfRdz9LRwrTcgOPZ
l4pYAOpkhMjhMZRGdeqKsVgTA3lctbWHgg7j+ha6YgFPg2VUjC9wUbFNNUcVWTM0
TACZYcSgOw1Fh+N7JvzHbyXX/0sYg+blQbccL+in/fGgrxbSlUS8B4T0FgGEBdRk
F/beEdFkMm2xj3/H3X6vO8tv6YB9awJ6NseX/LT4olJ/kvNDCaYG1k3XsVFQfaA6
9a1xNfNmIt2Vc8FiIzq/cbw5+D0eSncmLd/RMEBX0fDioXNuqZEQrUShhVSCoCGJ
u8c29+oGjBuCaNsBg3b4hifHUnV1/n2XAferag3zLuxSdaaZa+TwkF2QgDsEx8p9
0x8aW5garNMGWkWjkkhtjxPS4Q712TXw8uvRxBZhvPemer9hs10unMcuEoP18CqO
esmBbSENS9Uic1BkfD53rMdw9vd0dUo4mMFlLK0nAM/eAEnnbOk=
=6UGd
-----END PGP SIGNATURE-----


Reply to: