-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 20 Nov 2017 10:46:24 +0100 Source: opensaml2 Binary: libsaml9 libsaml2-dev opensaml2-tools opensaml2-schemas libsaml2-doc Architecture: source Version: 2.6.1-1 Distribution: unstable Urgency: high Maintainer: Debian Shib Team <pkg-shibboleth-de...@lists.alioth.debian.org> Changed-By: Ferenc Wágner <wf...@debian.org> Description: libsaml2-dev - Security Assertion Markup Language library (development) libsaml2-doc - Security Assertion Markup Language library (API docs) libsaml9 - Security Assertion Markup Language library (runtime) opensaml2-schemas - Security Assertion Markup Language library (XML schemas) opensaml2-tools - Security Assertion Markup Language command-line tools Changes: opensaml2 (2.6.1-1) unstable; urgency=high . * [0c08870] New upstream release (2.6.1) Security fix for CVE-2017-16853: Rod Widdowson of Steading System Software LLP discovered a coding error in the OpenSAML library, causing the DynamicMetadataProvider class to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. * [0795c42] Refresh our patches * [1f742ec] Update Standards-Version to 4.1.1 (no changes needed) * [5bed74f] Bump XMLTooling dependency version to 1.6. This isn't strictly required, but the stack is always updated in lockstep, so why not follow the upstream spec file in this respect. Checksums-Sha1: 05e5baa83e42811dc84981ed25a6190970c84a8b 2513 opensaml2_2.6.1-1.dsc f5ae1d732aa206f73129cdd74ee0fec1a201a1cf 575533 opensaml2_2.6.1.orig.tar.bz2 0d6525118e5fddcf59613ff5739c4758bf24b998 63916 opensaml2_2.6.1-1.debian.tar.xz bb9925d7f0aebd4624c3a657301dfcaf7c10853f 10039 opensaml2_2.6.1-1_amd64.buildinfo Checksums-Sha256: 278a71bf2ee3f22dec2aed5f770f1e614465300c3f50b27d4d93d25c0f941d47 2513 opensaml2_2.6.1-1.dsc 69516b165858d381fcf1d8ce809c101246824d383aa635a3676648c88b242a83 575533 opensaml2_2.6.1.orig.tar.bz2 eb8fae0667c71eb44d010ce60949d333abc8279917bca8461402d5c8ae8e971a 63916 opensaml2_2.6.1-1.debian.tar.xz dd98c9267806eeb224529f450272c2d9a6151535010e84ad881524a942a3106f 10039 opensaml2_2.6.1-1_amd64.buildinfo Files: 609a25a0928a43078f9c65b5c8bae602 2513 libs optional opensaml2_2.6.1-1.dsc c3a140e6705eaf80c7984774d93fd68c 575533 libs optional opensaml2_2.6.1.orig.tar.bz2 72c4d5cacf0b0af15666a0ce58566e4f 63916 libs optional opensaml2_2.6.1-1.debian.tar.xz c2aa7601166c5389d40e1130056b4665 10039 libs optional opensaml2_2.6.1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEwddEx0RNIUL7eugtOsj3Fkd+2yMFAloTFvQACgkQOsj3Fkd+ 2yOlRBAAuZIUHe6Bqn3+x9p5B2UZrlSfWHQicnqlPukd1FulvjQGgKsJNC+oRwmC 6/m1xtoHcqU4u//xL0xJ9pZ8EehSqiBA7di6Km74DseMz+NFS/ngd+D1t5W0zR3T RIH1AAsYAFUbsh2PTwALDyotypeNDbTT56S7aZ9K6bmYRKYnlznjmBx6w1KlcPCC hM8GYbS23ASAS/EEUwBmqXDpxOrG8WqIOuRLMcffFDaJPXDzNoTll/Y4nv9yy5MW HCIbKlS8iJaSdYwNSsRiqhKTbhIQqq99T+EuIRknn7Z29zq0BC+e0Tosqq4SbmCw 1ZzkAL2wi1QJ/otMpmT8a+Hedt9N5yiBAhnTdTzvk64VbnIir3h0ZzZZAQyafrnL Iw1yf4vhA3K9ouHiNb5sNyrocp/PW7n6TB2FJc74+eoKGYDNwS3YaPKVEW+6z6wp XhDDJqN/wm2T2gFnwGCcLaSJko8BWRYdZ9pG5138Dj/XyUwbr9Gk6cJRwkuwEclM 8ZE26VsWgJFLAzwssZn1t81yvoFlNg4pxXAF8o5yBNA1BbDCct1EZ+ndAXIb1PjC X7Z6ygm976Sk+aecWpal6goCfdd6PySxHk1Ze512uOQCiYpaGQxkjyZZQ0vdgsQY nt9nsoBZYHqYaFJBR1cCZlJUGsEnnwWsaeQkn8BD3+oEEx3/WGI= =qxpl -----END PGP SIGNATURE-----