Tags give the ability to mark specific points in history as being important
  • debian/3.2.3+dfsg1-1
    shibboleth-sp Debian release 3.2.3+dfsg1-1
    
    Format: 1.8
    Date: Sat, 02 Oct 2021 15:15:41 +0200
    Source: shibboleth-sp
    Architecture: source
    Version: 3.2.3+dfsg1-1
    Distribution: unstable
    Urgency: medium
    Maintainer: Debian Shib Team <pkg-shibboleth-devel@alioth-lists.debian.net>
    Changed-By: Ferenc Wágner <wferi@debian.org>
    Changes:
     shibboleth-sp (3.2.3+dfsg1-1) unstable; urgency=medium
     .
       [ Ferenc Wágner ]
       * [147bb17] Remove stale comment from debian/copyright
         shibsp/paths.h has not been distributed since version 3.0.3.
       * [9488c47] Set field Upstream-Name in debian/copyright
       * [bbdedb6] New upstream release: 3.2.3
       * [15ea78b] Refresh our patches
       * [68f4827] Accommodate more context in the Lintian webapp warning
       * [9b29d1e] Update Standards-Version to 4.6.0 (no changes required)
     .
       [ Debian Janitor ]
       * [b452f06] Use secure URI in Homepage field
    Checksums-Sha1:
     2d15f4d2e4e856be31fc73add291e13c079388c6 2892 shibboleth-sp_3.2.3+dfsg1-1.dsc
     ac90a5fd72aa11a69ad305b621f04bd0d17e7a72 640260 shibboleth-sp_3.2.3+dfsg1.orig.tar.xz
     84aa4ba81e5abeb39710bf82fb322e5789695f0f 42280 shibboleth-sp_3.2.3+dfsg1-1.debian.tar.xz
     2049c31298ce9342be3177e7cc8538148627d6ce 13187 shibboleth-sp_3.2.3+dfsg1-1_amd64.buildinfo
    Checksums-Sha256:
     b781542b1290831fd90b4807374c0dda50cf6c945cbfdf13ee9d72157fc0f6b2 2892 shibboleth-sp_3.2.3+dfsg1-1.dsc
     24e863b93b493a4b3403bc8c0c3853528ff0b1255da288564f95deeafb731940 640260 shibboleth-sp_3.2.3+dfsg1.orig.tar.xz
     c20bdceceaa943e75659b0a80741fa89a3925aaf289b92b49988bb3885dabb3c 42280 shibboleth-sp_3.2.3+dfsg1-1.debian.tar.xz
     7c021e0c88a3fea0aa6fe147cb9380fed84c566de8d297faf8904a46f8764497 13187 shibboleth-sp_3.2.3+dfsg1-1_amd64.buildinfo
    Files:
     983b0328dd5fc24444f0cc3bbde51123 2892 web optional shibboleth-sp_3.2.3+dfsg1-1.dsc
     1aad8b7a62c6728d8a9bd99e3f188f7d 640260 web optional shibboleth-sp_3.2.3+dfsg1.orig.tar.xz
     7f0bf643fccc1fc79540694926bc3061 42280 web optional shibboleth-sp_3.2.3+dfsg1-1.debian.tar.xz
     bf9fc6312a50154a3576748f43e784d9 13187 web optional shibboleth-sp_3.2.3+dfsg1-1_amd64.buildinfo
    
  • upstream/3.2.3+dfsg1
    Upstream version 3.2.3+dfsg1
  • 3.2.3.1
    Tag 3.2.3.1 release.
    
  • 3.2.3
    Tagging 3.2.3 release.
    
  • 3.2.2.2
    5dd2007a · SSPCPP-934 ·
    Tag 3.2.2.2 release.
    
  • switchaai/3.2.2+dfsg1-1_switchaai1_ubuntu18.04.1
    shibboleth-sp SWITCHaai release 3.2.2+dfsg1-1~switchaai1~ubuntu18.04.1
    
  • switchaai/3.2.2+dfsg1-1_switchaai1_ubuntu20.04.1
    shibboleth-sp SWITCHaai release 3.2.2+dfsg1-1~switchaai1~ubuntu20.04.1
    
  • switchaai/3.2.2+dfsg1-1_switchaai1_debian9.1
    shibboleth-sp SWITCHaai release 3.2.2+dfsg1-1~switchaai1~debian9.1
    
  • switchaai/3.2.2+dfsg1-1_switchaai1_debian10.1
    shibboleth-sp SWITCHaai release 3.2.2+dfsg1-1~switchaai1~debian10.1
    
  • debian/3.2.2+dfsg1-1_bpo10+1
    shibboleth-sp Debian release 3.2.2+dfsg1-1~bpo10+1
    
    Format: 1.8
    Date: Tue, 04 May 2021 14:26:47 +0200
    Source: shibboleth-sp
    Architecture: source
    Version: 3.2.2+dfsg1-1~bpo10+1
    Distribution: buster-backports
    Urgency: medium
    Maintainer: Debian Shib Team <pkg-shibboleth-devel@alioth-lists.debian.net>
    Changed-By: Etienne Dysli Metref <etienne.dysli-metref@switch.ch>
    Changes:
     shibboleth-sp (3.2.2+dfsg1-1~bpo10+1) buster-backports; urgency=medium
     .
       * Rebuild for buster-backports.
    Checksums-Sha1:
     c603111c0999c71b296966db5d92e3b891521135 2923 shibboleth-sp_3.2.2+dfsg1-1~bpo10+1.dsc
     4dbd985e093554d2ffe08a4dffd06db02167136d 42268 shibboleth-sp_3.2.2+dfsg1-1~bpo10+1.debian.tar.xz
     0fb2a5e68ff7fb25f6836f8d30389567039721f3 13641 shibboleth-sp_3.2.2+dfsg1-1~bpo10+1_amd64.buildinfo
    Checksums-Sha256:
     3313b8c0b04577306f3f22346714bc0f25f813814ae16c5bd905f8047ff808ab 2923 shibboleth-sp_3.2.2+dfsg1-1~bpo10+1.dsc
     3423f7eaca406c0e4ac124b25a8094bc960cc7354b399b783ef8990991650b1a 42268 shibboleth-sp_3.2.2+dfsg1-1~bpo10+1.debian.tar.xz
     673d06ccae72764845e6fce0e5f59b00038cfa698a2be94126d24a7a7a2c33ff 13641 shibboleth-sp_3.2.2+dfsg1-1~bpo10+1_amd64.buildinfo
    Files:
     496f6cf6eb1bcb74d98b1e49235d501b 2923 web optional shibboleth-sp_3.2.2+dfsg1-1~bpo10+1.dsc
     660fe71b43a433224c58589ecbc8b1ec 42268 web optional shibboleth-sp_3.2.2+dfsg1-1~bpo10+1.debian.tar.xz
     85916585d06099154432a79bd00d1a03 13641 web optional shibboleth-sp_3.2.2+dfsg1-1~bpo10+1_amd64.buildinfo
    
  • debian/3.2.2+dfsg1-1
    shibboleth-sp Debian release 3.2.2+dfsg1-1
    
    Format: 1.8
    Date: Tue, 27 Apr 2021 12:11:06 +0200
    Source: shibboleth-sp
    Architecture: source
    Version: 3.2.2+dfsg1-1
    Distribution: unstable
    Urgency: high
    Maintainer: Debian Shib Team <pkg-shibboleth-devel@alioth-lists.debian.net>
    Changed-By: Ferenc Wágner <wferi@debian.org>
    Closes: 987608
    Changes:
     shibboleth-sp (3.2.2+dfsg1-1) unstable; urgency=high
     .
       * [e44283d] New upstream release: 3.2.2
         High urgency because it fixes CVE-2021-31826:
         Session recovery feature contains a null pointer dereference
         The cookie-based session recovery feature added in V3.0 contains a
         flaw that is exploitable on systems *not* using the feature if a
         specially crafted cookie is supplied.
         This manifests as a crash in the shibd daemon.
         Because it is very simple to trigger this condition remotely, it
         results in a potential denial of service condition exploitable by
         a remote, unauthenticated attacker.
         Thanks to Scott Cantor (Closes: #987608)
       * [3a6ac33] Refresh our patches
    Checksums-Sha1:
     51abae0103692c6eb756a0684f956236c766bab3 2891 shibboleth-sp_3.2.2+dfsg1-1.dsc
     15d60364156cd8fd2c60db273cba85f5c28bc075 640648 shibboleth-sp_3.2.2+dfsg1.orig.tar.xz
     f185a257f713b667f861b0cbc83f9270618a84c9 42116 shibboleth-sp_3.2.2+dfsg1-1.debian.tar.xz
     cb8f6304381f00faa35b8480e962b646d25065cb 13102 shibboleth-sp_3.2.2+dfsg1-1_amd64.buildinfo
    Checksums-Sha256:
     b855713cb278c5d8051cfb248ad7245f58d7182470e8b6c9dec2552697a85fdf 2891 shibboleth-sp_3.2.2+dfsg1-1.dsc
     14d0d2ca03adf44c77ed5e8738d537dbe6e9abe5a3d6f15d403f9b00964c9f00 640648 shibboleth-sp_3.2.2+dfsg1.orig.tar.xz
     6a4d64544ff5f1bf8028b7ba87519ad50237f52ee157aa4d0138dcab542aef0d 42116 shibboleth-sp_3.2.2+dfsg1-1.debian.tar.xz
     7f83a25d57dc84136dba59d6941a4e717d6c03c44121e26054cf2b7d37edddec 13102 shibboleth-sp_3.2.2+dfsg1-1_amd64.buildinfo
    Files:
     23f42f6e2552fce639ed5a19ef8a5ce5 2891 web optional shibboleth-sp_3.2.2+dfsg1-1.dsc
     52199338ebf5612425cb2a076c1b7f70 640648 web optional shibboleth-sp_3.2.2+dfsg1.orig.tar.xz
     a60eb96d9fa7c1fa10b31365c9614184 42116 web optional shibboleth-sp_3.2.2+dfsg1-1.debian.tar.xz
     7487cb96684d3aa30e30d25d8200fa62 13102 web optional shibboleth-sp_3.2.2+dfsg1-1_amd64.buildinfo
    
  • debian/3.0.4+dfsg1-1+deb10u2
    shibboleth-sp Debian release 3.0.4+dfsg1-1+deb10u2
    
    Format: 1.8
    Date: Mon, 26 Apr 2021 15:37:15 +0200
    Source: shibboleth-sp
    Architecture: source
    Version: 3.0.4+dfsg1-1+deb10u2
    Distribution: buster-security
    Urgency: high
    Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
    Changed-By: Ferenc Wágner <wferi@debian.org>
    Closes: 987608
    Changes:
     shibboleth-sp (3.0.4+dfsg1-1+deb10u2) buster-security; urgency=high
     .
       * [2dd45b3] New patch: SSPCPP-927 - Check for missing DataSealer during
         cookie recovery.
         Fix a denial of service vulnerability: Session recovery feature contains
         a null pointer dereference
         The cookie-based session recovery feature added in V3.0 contains a
         flaw that is exploitable on systems *not* using the feature if a
         specially crafted cookie is supplied.
         This manifests as a crash in the shibd daemon.
         Because it is very simple to trigger this condition remotely, it
         results in a potential denial of service condition exploitable by
         a remote, unauthenticated attacker.
         Thanks to Scott Cantor (Closes: #987608)
    Checksums-Sha1:
     aa91efd3b9c6f26b0ad95dfae340a49f41e8923c 3034 shibboleth-sp_3.0.4+dfsg1-1+deb10u2.dsc
     936ea173fc1b0c9998f657b897650b9f7fdd84d1 79896 shibboleth-sp_3.0.4+dfsg1-1+deb10u2.debian.tar.xz
     d74e5e9b65ef48c88c4294cf5a0d0ece4da1667c 14116 shibboleth-sp_3.0.4+dfsg1-1+deb10u2_amd64.buildinfo
    Checksums-Sha256:
     82ce3e5b624c34754807c76a70fc5549dc535e9c5d01af396b76966d9f9cf39d 3034 shibboleth-sp_3.0.4+dfsg1-1+deb10u2.dsc
     01a3257b10e940430af70754daeccc29c08c091ae04a1fd519ff67cefb83b878 79896 shibboleth-sp_3.0.4+dfsg1-1+deb10u2.debian.tar.xz
     74fdf85b4918fd5867fc5c858dd13c222327ca9dda34ed8901c1187ff07c0d56 14116 shibboleth-sp_3.0.4+dfsg1-1+deb10u2_amd64.buildinfo
    Files:
     f74cbb538977ef3921821dd62ca772df 3034 web optional shibboleth-sp_3.0.4+dfsg1-1+deb10u2.dsc
     2cf9a7879a9838f4cdf8f0d023e957c4 79896 web optional shibboleth-sp_3.0.4+dfsg1-1+deb10u2.debian.tar.xz
     22afb3d6e117204e01b703a96a5750d2 14116 web optional shibboleth-sp_3.0.4+dfsg1-1+deb10u2_amd64.buildinfo
    
  • upstream/3.2.2+dfsg1
    Upstream version 3.2.2+dfsg1
  • 3.2.2
    a37c6153 · Update so revision. ·
    Tag 3.2.2 release.
    
  • debian/3.2.1+dfsg1-1_bpo10+1
    shibboleth-sp Debian release 3.2.1+dfsg1-1~bpo10+1
    
    Format: 1.8
    Date: Mon, 22 Mar 2021 13:11:57 +0100
    Source: shibboleth-sp
    Binary: libapache2-mod-shib libapache2-mod-shib-dbgsym libshibsp-dev libshibsp-doc libshibsp-plugins libshibsp-plugins-dbgsym libshibsp10 libshibsp10-dbgsym shibboleth-sp-common shibboleth-sp-utils shibboleth-sp-utils-dbgsym
    Architecture: source i386 all
    Version: 3.2.1+dfsg1-1~bpo10+1
    Distribution: buster-backports
    Urgency: high
    Maintainer: Debian Shib Team <pkg-shibboleth-devel@alioth-lists.debian.net>
    Changed-By: Etienne Dysli Metref <etienne.dysli-metref@switch.ch>
    Description:
     libapache2-mod-shib - Federated web single sign-on system (Apache module)
     libshibsp-dev - Federated web single sign-on system (development)
     libshibsp-doc - Federated web single sign-on system (API docs)
     libshibsp-plugins - Federated web single sign-on system (plugins)
     libshibsp10 - Federated web single sign-on system (runtime)
     shibboleth-sp-common - Federated web single sign-on system (common files)
     shibboleth-sp-utils - Federated web single sign-on system (daemon and utilities)
    Changes:
     shibboleth-sp (3.2.1+dfsg1-1~bpo10+1) buster-backports; urgency=medium
     .
       * Rebuild for buster-backports.
     .
     shibboleth-sp (3.2.1+dfsg1-1) unstable; urgency=high
     .
       * [4ecfe4a] New upstream release: 3.2.1
         High urgency because it contains the fix for the phishing vulnerability
         https://shibboleth.net/community/advisories/secadv_20210317.txt.
       * [80b3470] Refresh our patches
     .
     shibboleth-sp (3.2.0+dfsg1-2) unstable; urgency=medium
     .
       * [84158eb] Revert "New patch: Require XMLTooling and OpenSAML 3.2 via pkg
         config as well"
         This reverts commit 431b176b3127bb0b0ebfb9621a798facec24cce3.
         According to upstream there's no real build requirement here.
       * Upload to unstable
     .
     shibboleth-sp (3.2.0+dfsg1-1) experimental; urgency=medium
     .
       * [6af8bd7] Bump watch file format version to 4
       * [ce7b33d] New upstream release: 3.2.0
       * [4a6d968] Delete upstream patch, refresh the rest
       * [431b176] New patch: Require XMLTooling and OpenSAML 3.2 via pkg config as
         well
       * [20a1f52] Depend on XMLTooling and OpenSAML 3.2
       * [3d4409a] Rename library package for upstream SONAME bump
       * [54cf316] Update Standards-Version to 4.5.1 (no changes required)
    Checksums-Sha1:
     885ccc373b86dec8865a7d24593da10db286a1c9 2923 shibboleth-sp_3.2.1+dfsg1-1~bpo10+1.dsc
     e022501e8366370aa9edb4cc0e625326a4883bd8 42000 shibboleth-sp_3.2.1+dfsg1-1~bpo10+1.debian.tar.xz
     63a26cf4070391aa5d096ed0d6d78dd133811218 382136 libapache2-mod-shib-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     e5700349756b4904932a51881745194dd0f7fc4c 83840 libapache2-mod-shib_3.2.1+dfsg1-1~bpo10+1_i386.deb
     83b88eb4b374ef92c73704d7d36d92037c1bcb66 67376 libshibsp-dev_3.2.1+dfsg1-1~bpo10+1_i386.deb
     963081e148a2dac419d1ec2b65e0ce79f6ff777e 3386248 libshibsp-doc_3.2.1+dfsg1-1~bpo10+1_all.deb
     3533cef5405ba460a4a0a0c3d75bef898af7c5f9 2422680 libshibsp-plugins-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     2cb13dfc968cf738e63ed49db8ee4ebb3cf1dac2 194236 libshibsp-plugins_3.2.1+dfsg1-1~bpo10+1_i386.deb
     5ee1185b8468fcb6af23d1fc1a115836d4902f8c 18257980 libshibsp10-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     e655646ea9873ef3e5c2ebba58a2eb76dba8a692 1021256 libshibsp10_3.2.1+dfsg1-1~bpo10+1_i386.deb
     a2203315800f645e3467a0dd7473c3fb8d4debf9 57304 shibboleth-sp-common_3.2.1+dfsg1-1~bpo10+1_all.deb
     94ee9b1d2dc81852704d40d042ae3ca4c164deb9 466268 shibboleth-sp-utils-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     f687daeebec481f6a5c3904d15b8f4f960cf1967 92948 shibboleth-sp-utils_3.2.1+dfsg1-1~bpo10+1_i386.deb
     a39ba59cc849452c2266389662ef4ffa090b779a 13567 shibboleth-sp_3.2.1+dfsg1-1~bpo10+1_i386.buildinfo
    Checksums-Sha256:
     85b6f967c504536933d0b41c931da5d4946068d828e71db73b4e70af025728d9 2923 shibboleth-sp_3.2.1+dfsg1-1~bpo10+1.dsc
     4c67d559f1434cd114ab286c695745efec31624ca7e04c730828f6ee38f07847 42000 shibboleth-sp_3.2.1+dfsg1-1~bpo10+1.debian.tar.xz
     b6a649df67f803b260f89ac01f25fade4ae67536c62a9a8bed23fe77d8bd87e6 382136 libapache2-mod-shib-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     dbc38834cd6de233b5cbd627a976ae555521e9e6c1b029438ab5ad12783783c7 83840 libapache2-mod-shib_3.2.1+dfsg1-1~bpo10+1_i386.deb
     a6dac794b529e9ce0165810cd2312f367ae4072ac28034908386acf356dfcb76 67376 libshibsp-dev_3.2.1+dfsg1-1~bpo10+1_i386.deb
     f29b5540521f9eeeb393e1208848be316a1e4ce71dbd15f2b1e34de06e31ce99 3386248 libshibsp-doc_3.2.1+dfsg1-1~bpo10+1_all.deb
     73c97b559db278a5fe2626a70ea0d969d5ef9180a471bb7d1c27349e7c980d49 2422680 libshibsp-plugins-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     39af2e9bf88f15fa7f8a1b9f9129c5a99abc0851bfd524e15767f5b6efca6ad2 194236 libshibsp-plugins_3.2.1+dfsg1-1~bpo10+1_i386.deb
     33f8adc8e3c5e70f3a0078e23824fc82efc4e5bc4a1b9244a42bdf22f593c62c 18257980 libshibsp10-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     e3b821bd91ef5e7b9593fee70e39c690c72885b549c27c0d1e2744296aa2ec29 1021256 libshibsp10_3.2.1+dfsg1-1~bpo10+1_i386.deb
     8273013e365402376f1191f27bedfe45836bce948ff29279a15db04830c3922a 57304 shibboleth-sp-common_3.2.1+dfsg1-1~bpo10+1_all.deb
     9edc46d99a3a3947c816d8ebe9bfb03af3022f03057d0e1df2e6424c81ed5938 466268 shibboleth-sp-utils-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     bd00f4ec80505ec5a13aeee99deb98709e945d9efeda3eb81375b82d580e987d 92948 shibboleth-sp-utils_3.2.1+dfsg1-1~bpo10+1_i386.deb
     686feb75a7fefd0e15a7b63e285a713f7bda186af1626e2054b1214637a4c35d 13567 shibboleth-sp_3.2.1+dfsg1-1~bpo10+1_i386.buildinfo
    Files:
     c9e6fe6129094bfbcaed77b9e942df93 2923 web optional shibboleth-sp_3.2.1+dfsg1-1~bpo10+1.dsc
     16c594ef5f477eaf372b3645f05f02c2 42000 web optional shibboleth-sp_3.2.1+dfsg1-1~bpo10+1.debian.tar.xz
     5b101a22f647c0ff7e03049e28cd0dbc 382136 debug optional libapache2-mod-shib-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     cc3d11fceeb454f20eb6633806ed26fd 83840 httpd optional libapache2-mod-shib_3.2.1+dfsg1-1~bpo10+1_i386.deb
     ca472b31e037d40563d50da5e32409c4 67376 libdevel optional libshibsp-dev_3.2.1+dfsg1-1~bpo10+1_i386.deb
     7ac3e977e8e80b77ff5f0736b5ea4722 3386248 doc optional libshibsp-doc_3.2.1+dfsg1-1~bpo10+1_all.deb
     6adc73cf69982b6ed695724a33464209 2422680 debug optional libshibsp-plugins-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     ffa01f86bfdedffba225f899d9899b69 194236 libs optional libshibsp-plugins_3.2.1+dfsg1-1~bpo10+1_i386.deb
     ae35ffd2094129e3216f28a6bb81f00b 18257980 debug optional libshibsp10-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     b7ac5979f6e06de916423c66e29c9f26 1021256 libs optional libshibsp10_3.2.1+dfsg1-1~bpo10+1_i386.deb
     b2a50ae86e9f40bebec163583d2d935b 57304 libs optional shibboleth-sp-common_3.2.1+dfsg1-1~bpo10+1_all.deb
     4dc660710109cc2108341f9aeb4a0c07 466268 debug optional shibboleth-sp-utils-dbgsym_3.2.1+dfsg1-1~bpo10+1_i386.deb
     aff23c7f1557487cb5bf21c428e34936 92948 web optional shibboleth-sp-utils_3.2.1+dfsg1-1~bpo10+1_i386.deb
     6fbfdf075bfff111a2223d0a36c1065f 13567 web optional shibboleth-sp_3.2.1+dfsg1-1~bpo10+1_i386.buildinfo
    
  • debian/3.0.4+dfsg1-1+deb10u1_bpo9+1
    shibboleth-sp Debian release 3.0.4+dfsg1-1+deb10u1~bpo9+1
    
    Format: 1.8
    Date: Mon, 22 Mar 2021 13:55:57 +0100
    Source: shibboleth-sp
    Binary: libapache2-mod-shib libshibsp8 libshibsp-plugins libshibsp-dev libshibsp-doc shibboleth-sp-common shibboleth-sp-utils libapache2-mod-shib2 shibboleth-sp2-common shibboleth-sp2-utils
    Architecture: source
    Version: 3.0.4+dfsg1-1+deb10u1~bpo9+1
    Distribution: stretch-backports
    Urgency: medium
    Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
    Changed-By: Etienne Dysli Metref <etienne.dysli-metref@switch.ch>
    Description:
     libapache2-mod-shib - Federated web single sign-on system (Apache module)
     libapache2-mod-shib2 - transitional package
     libshibsp-dev - Federated web single sign-on system (development)
     libshibsp-doc - Federated web single sign-on system (API docs)
     libshibsp-plugins - Federated web single sign-on system (plugins)
     libshibsp8 - Federated web single sign-on system (runtime)
     shibboleth-sp-common - Federated web single sign-on system (common files)
     shibboleth-sp-utils - Federated web single sign-on system (daemon and utilities)
     shibboleth-sp2-common - transitional package
     shibboleth-sp2-utils - transitional package
    Changes:
     shibboleth-sp (3.0.4+dfsg1-1+deb10u1~bpo9+1) stretch-backports; urgency=medium
     .
       * Rebuild for stretch-backports.
    Checksums-Sha1:
     481f6df26611c40450d269cc057be5f95ecf53a4 3072 shibboleth-sp_3.0.4+dfsg1-1+deb10u1~bpo9+1.dsc
     2fd6b67f019d6e8cf1dfab2677f0cbffa70b9f96 79576 shibboleth-sp_3.0.4+dfsg1-1+deb10u1~bpo9+1.debian.tar.xz
     3c52475c63b45630e8f65ee34aeb1cfac744f1fa 14847 shibboleth-sp_3.0.4+dfsg1-1+deb10u1~bpo9+1_amd64.buildinfo
    Checksums-Sha256:
     8acea46fa92ac1bbe7f46c0969326cc13af9f6f1389a2b0d567331e54ed31e46 3072 shibboleth-sp_3.0.4+dfsg1-1+deb10u1~bpo9+1.dsc
     84b4d6dfbb89fc414abe4a58eaa2d543fb6acb6ed04436bee115015442fd9377 79576 shibboleth-sp_3.0.4+dfsg1-1+deb10u1~bpo9+1.debian.tar.xz
     763ace37109586c3bcb54d853ecd8c99855eafa1a1567820222170a1fa3ded25 14847 shibboleth-sp_3.0.4+dfsg1-1+deb10u1~bpo9+1_amd64.buildinfo
    Files:
     17075173b6b162b56cfd635c5e6e06f0 3072 web optional shibboleth-sp_3.0.4+dfsg1-1+deb10u1~bpo9+1.dsc
     8644ad27c1e9ea61ed9d6a5a1da30479 79576 web optional shibboleth-sp_3.0.4+dfsg1-1+deb10u1~bpo9+1.debian.tar.xz
     ccc40036861a4f8a9c93946c7182eb67 14847 web optional shibboleth-sp_3.0.4+dfsg1-1+deb10u1~bpo9+1_amd64.buildinfo
    
  • switchaai/3.2.1+dfsg1-1_switchaai0_ubuntu18.04.1
    shibboleth-sp SWITCHaai release 3.2.1+dfsg1-1~switchaai0~ubuntu18.04.1
    
  • switchaai/3.2.1+dfsg1-1_switchaai0_debian9.1
    shibboleth-sp SWITCHaai release 3.2.1+dfsg1-1~switchaai0~debian9.1
    
  • debian/2.6.0+dfsg1-4+deb9u2
    shibboleth-sp2 Debian release 2.6.0+dfsg1-4+deb9u2
    
    Format: 1.8
    Date: Thu, 18 Mar 2021 22:30:40 +0100
    Source: shibboleth-sp2
    Binary: libapache2-mod-shib2 libshibsp7 libshibsp-plugins libshibsp-dev libshibsp-doc shibboleth-sp2-common shibboleth-sp2-utils
    Architecture: source
    Version: 2.6.0+dfsg1-4+deb9u2
    Distribution: stretch-security
    Urgency: high
    Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
    Changed-By: Ferenc Wágner <wferi@debian.org>
    Description:
     libapache2-mod-shib2 - Federated web single sign-on system (Apache module)
     libshibsp-dev - Federated web single sign-on system (development)
     libshibsp-doc - Federated web single sign-on system (API docs)
     libshibsp-plugins - Federated web single sign-on system (plugins)
     libshibsp7 - Federated web single sign-on system (runtime)
     shibboleth-sp2-common - Federated web single sign-on system (common files)
     shibboleth-sp2-utils - Federated web single sign-on system (daemon and utilities)
    Closes: 985405
    Changes:
     shibboleth-sp2 (2.6.0+dfsg1-4+deb9u2) stretch-security; urgency=high
     .
       * [9166b92] New patch: SSPCPP-922 - Add externalParameters option to Errors
         element.
         Fix a phishing vulnerability: Template generation allows external
         parameters to override placeholders
         The primitive template engine used to render error pages allows
         replacement via query parameters also, though this is not a typical
         need. Because of this feature, it's possible to cause the SP to
         display some templates containing values supplied externally by URL
         manipulation. Though the values are encoded to prevent script
         injection, the content nevertheless appears to come from the server
         and so would be interpreted as trustworthy, allowing email addresses,
         logos, or support URLs to be manipulated by an attacker.
         This update adds a new <Errors> setting to the configuration called
         externalParameters, which defaults to false. When false, support for
         this "feature" is disabled.
         https://shibboleth.net/community/advisories/secadv_20210317.txt
         https://issues.shibboleth.net/jira/browse/SSPCPP-922
         Thanks to Scott Cantor (Closes: #985405)
    Checksums-Sha1:
     1c6ad8377205fbc1313b2bbd3bb5e11a2ba43ae5 2901 shibboleth-sp2_2.6.0+dfsg1-4+deb9u2.dsc
     679ec7980f198a5d2aa25f3f2a864b6a939d5dcb 83940 shibboleth-sp2_2.6.0+dfsg1-4+deb9u2.debian.tar.xz
     7141f2eba9a95a2eed561d766d7d63ac8406a34c 13471 shibboleth-sp2_2.6.0+dfsg1-4+deb9u2_amd64.buildinfo
    Checksums-Sha256:
     9c89e72f59dc8dadb12827017ed8fbfe19bba332db880fe9d4d216aac3d67051 2901 shibboleth-sp2_2.6.0+dfsg1-4+deb9u2.dsc
     6cb5e0a78d6e18c113f99718aa31b8665170c1eb6d6301e82d1fb763093048b4 83940 shibboleth-sp2_2.6.0+dfsg1-4+deb9u2.debian.tar.xz
     03ea80552ebe20d435fd085c1754e07c343c41b084c157c7586ef4803e743173 13471 shibboleth-sp2_2.6.0+dfsg1-4+deb9u2_amd64.buildinfo
    Files:
     f253b52fbb3244458667aa01272dd884 2901 web extra shibboleth-sp2_2.6.0+dfsg1-4+deb9u2.dsc
     ab005c39a6e9355d3977a0311ea4073e 83940 web extra shibboleth-sp2_2.6.0+dfsg1-4+deb9u2.debian.tar.xz
     10575078af09e4a5ee9030fb642b977c 13471 web extra shibboleth-sp2_2.6.0+dfsg1-4+deb9u2_amd64.buildinfo
    
  • switchaai/3.2.1+dfsg1-1_switchaai0_ubuntu20.04.1
    shibboleth-sp SWITCHaai release 3.2.1+dfsg1-1~switchaai0~ubuntu20.04.1