[Git][security-tracker-team/security-tracker][master] Track fixes for re-introduced src:shibboleth-sp package

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
51f44fc9 by Salvatore Bonaccorso at 2018-11-25T20:34:36Z
Track fixes for re-introduced src:shibboleth-sp package

The src:shibboleth-sp package was re-introduced in Debian starting with
the 3.0.2+dfsg1-1 version to experimental and later uploaded to
unstable.

Track previous src:shibboleth-sp2 fixes which are now adressed in
src:shibboleth-sp with the first version which landed in unstable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -254668,21 +254668,21 @@ CVE-2009-3476 (Buffer overflow in OpenSAML before 
1.1.3 as used in Internet2 ...
        - xmltooling 1.2.2-1
        - opensaml 3.0.0-2
        - opensaml2 2.2.1-1
-       - shibboleth-sp <removed>
+       - shibboleth-sp 3.0.2+dfsg1-2
        - shibboleth-sp2 2.2.1+dfsg-1
 CVE-2009-3475 (Internet2 Shibboleth Service Provider software 1.3.x before 
1.3.3 and ...)
        {DSA-1895-2 DSA-1896-1 DSA-1895-1}
        - xmltooling 1.2.2-1
        - opensaml 3.0.0-2
        - opensaml2 2.2.1-1
-       - shibboleth-sp <removed>
+       - shibboleth-sp 3.0.2+dfsg1-2
        - shibboleth-sp2 2.2.1+dfsg-1
 CVE-2009-3474 (OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as 
used by ...)
        {DSA-1895-2 DSA-1896-1 DSA-1895-1}
        - xmltooling 1.2.2-1
        - opensaml 3.0.0-2
        - opensaml2 2.2.1-1
-       - shibboleth-sp <removed>
+       - shibboleth-sp 3.0.2+dfsg1-2
        - shibboleth-sp2 2.2.1+dfsg-1
        [lenny] - opensaml 1.1.1-2+lenny1
        [lenny] - opensaml2 2.0-2+lenny1
@@ -255122,7 +255122,7 @@ CVE-2009-3301 (Integer underflow in 
filter/ww8/ww8par2.cxx in OpenOffice.org (OO
 CVE-2009-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the 
Identity ...)
        {DSA-1947-1}
        - shibboleth-sp2 2.3+dfsg-1 (medium; bug #555608)
-       - shibboleth-sp <removed> (medium)
+       - shibboleth-sp 3.0.2+dfsg1-2 (medium)
        - opensaml2 2.3-1 (medium)
        NOTE: xmltooling also needs to be updated, changed in sid in 1.3.1-1
 CVE-2009-3299 (Cross-site scripting (XSS) vulnerability in the resume 
blocktype in ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/51f44fc9dfd2fc5b22e450329e8ab2412fcfc439

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/51f44fc9dfd2fc5b22e450329e8ab2412fcfc439
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits