[Git][security-tracker-team/security-tracker][master] Track fixes for CVE-2009-347{4,5,6}/opensaml

Sun, 25 Nov 2018 12:23:55 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
93279888 by Salvatore Bonaccorso at 2018-11-25T20:22:11Z
Track fixes for CVE-2009-347{4,5,6}/opensaml

The src:opensaml package was re-introduced in Debian starting with the
3.0.0-1 version to experimental and later uploaded to unstable.

As such track the first src:opensaml version in unstable containing
those fixes as the one for the fixed version. While it was named
src:opensaml2 it was fixed in src:opensaml2/2.2.1-1 to unstable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -254666,21 +254666,21 @@ CVE-2009-3477 (The Blackberry Browser in RIM 
BlackBerry Device Software 4.5.0 be
 CVE-2009-3476 (Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 
...)
        {DSA-1895-2 DSA-1896-1 DSA-1895-1}
        - xmltooling 1.2.2-1
-       - opensaml <removed>
+       - opensaml 3.0.0-2
        - opensaml2 2.2.1-1
        - shibboleth-sp <removed>
        - shibboleth-sp2 2.2.1+dfsg-1
 CVE-2009-3475 (Internet2 Shibboleth Service Provider software 1.3.x before 
1.3.3 and ...)
        {DSA-1895-2 DSA-1896-1 DSA-1895-1}
        - xmltooling 1.2.2-1
-       - opensaml <removed>
+       - opensaml 3.0.0-2
        - opensaml2 2.2.1-1
        - shibboleth-sp <removed>
        - shibboleth-sp2 2.2.1+dfsg-1
 CVE-2009-3474 (OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as 
used by ...)
        {DSA-1895-2 DSA-1896-1 DSA-1895-1}
        - xmltooling 1.2.2-1
-       - opensaml <removed>
+       - opensaml 3.0.0-2
        - opensaml2 2.2.1-1
        - shibboleth-sp <removed>
        - shibboleth-sp2 2.2.1+dfsg-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/93279888870a164076d94925a950a1809fe0882f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/93279888870a164076d94925a950a1809fe0882f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to