This bug was fixed in the package shibboleth-sp - 3.0.4+dfsg1-1ubuntu0.2
---------------
shibboleth-sp (3.0.4+dfsg1-1ubuntu0.2) focal-security; urgency=high
* SECURITY UPDATE: Session recovery feature contains a null pointer
deference (LP: #1926250)
- debian/patches/SSPCPP-927-Check-for-missing-DataSealer-during-cookie-
rec.patch: Check for missing DataSealer during cookie recovery
- https://shibboleth.net/community/advisories/secadv_20210426.txt
- https://issues.shibboleth.net/jira/browse/SSPCPP-927
- CVE-2021-31826
-- Etienne Dysli Metref <[email protected]> Thu, 10 Jun
2021 11:30:02 +0200
** Changed in: shibboleth-sp (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926250
Title:
CVE-2021-31826: Session recovery feature contains a null pointer
deference
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shibboleth-sp/+bug/1926250/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
