[BSA-103] Security Update for shibboleth-sp

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Matthew Vernon uploaded new packages for shibboleth-sp which fixed the
following security problems:

CVE-2015-2684
  A denial of service vulnerability was found in the Shibboleth (a
  federated identity framework) Service Provider. When processing
  certain malformed SAML messages generated by an authenticated
  attacker, the daemon could crash.

For the wheezy-backports distribution the problems have been fixed in
version 2.5.3+dfsg-2~bpo70+1.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.9 <http://mailcrypt.sourceforge.net/>

iQIcBAEBCgAGBQJVLPd/AAoJEBL00hyPamPIMVoP/R+8cuMtfB7ymeN8TpqkhSYg
HKH2G38qRXWntSNHIPL/K/Yl/OYMxTgh3qbOQQe7DdyE4DTY+s1IINU6e/ubhldH
1dtrl/OFX4+j1rEevuxs6/YC87jI1YojIRRhZEU6kE/Wc32YXqclDyCgMpIrzu3S
hjXVBCGaMZ9TQxnc4kdVOj7Cpr3InIMjI9bFuhnKP+65Eq+9EVwFyNgegO3o/AzL
NrVj1RRqaCjfGpf+aQJXCupUs6vxVx+81m645mVEShGc9Bd3BaGhM72AYKME/u4a
48xQYJ6YZXwYRh5JuUezud+Er7IPzBRVzlmSMgy+Xf0beitfw4HM+egYuhVL

007 Software

[BSA-103] Security Update for shibboleth-sp

Leave a Reply Cancel reply

Software and Security Information