On Wed, Mar 17, 2021 at 06:19:07PM +0100, wf...@niif.hu wrote:
> Dear Security Team,
>
> Please review the debdiff below for a buster-security upload.
> The advisory text changed a little meanwhile, adding credits to Toni
> Huttunen, Fraktal Oy for discovering the problem, mentioning the style
> sheet spoofing and adding some mitigation tips.
>
> I haven't got a concrete exploit on hand, but I'll start testing the
> updated package shortly.
debdiff looks fine, please upload when you had a chance to test it
(and remember to build with -sa, since shib-sp is new in buster-security,
ftp-master and security-master don't share tarballs)
Cheers,
Moritz
