On Wed, Mar 17, 2021 at 06:19:07PM +0100, wf...@niif.hu wrote: > Dear Security Team, > > Please review the debdiff below for a buster-security upload. > The advisory text changed a little meanwhile, adding credits to Toni > Huttunen, Fraktal Oy for discovering the problem, mentioning the style > sheet spoofing and adding some mitigation tips. > > I haven't got a concrete exploit on hand, but I'll start testing the > updated package shortly.
debdiff looks fine, please upload when you had a chance to test it (and remember to build with -sa, since shib-sp is new in buster-security, ftp-master and security-master don't share tarballs) Cheers, Moritz