... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

linux.debian.announce.security

Debian security announcements I think?

29 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 23 of 29

Salvatore Bonaccorso to All

[SECURITY] [DSA 5994-1] shibboleth-sp se

07 Sep 25 16:20:01

   From: carnil@debian.org   
      
   -----BEGIN PGP SIGNED MESSAGE-----   
   Hash: SHA512   
      
   - -------------------------------------------------------------------------   
   Debian Security Advisory DSA-5994-1                   security@debian.org   
   https://www.debian.org/security/                     Salvatore Bonaccorso   
   September 07, 2025                    https://www.debian.org/security/faq   
   - -------------------------------------------------------------------------   
      
   Package        : shibboleth-sp   
   Debian Bug     : 1114506   
      
   Florian Stuhlmann discovered a SQL vulnerability in the ODBC plugin in the   
   Shibboleth Service Provider which may result in information leak.   
      
   For additional information please refer to the upstream advisory at   
   https://shibboleth.net/community/advisories/secadv_20250903.txt   
      
   For the oldstable distribution (bookworm), this problem has been fixed   
   in version 3.4.1+dfsg-2+deb12u1.   
      
   For the stable distribution (trixie), this problem has been fixed in   
   version 3.5.0+dfsg-2+deb13u1.   
      
   We recommend that you upgrade your shibboleth-sp packages.   
      
   For the detailed security status of shibboleth-sp please refer to its   
   security tracker page at:   
   https://security-tracker.debian.org/tracker/shibboleth-sp   
      
   Further information about Debian Security Advisories, how to apply   
   these updates to your system and frequently asked questions can be   
   found at: https://www.debian.org/security/   
      
   Mailing list: debian-security-announce@lists.debian.org   
   -----BEGIN PGP SIGNATURE-----   
      
   iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmi9k41fFIAAAAAALgAo   
   aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2   
   NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND   
   z0RJzA//e5S/OReN7hUNEnUekq7G1rsmBgMEEkCRo9+qnVSoU3fx9myebNqieKPn   
   CpPmP5bpFkpROsTaWzHFBPfURS8y8xz2G5Jlpd+M0WZCqruJjJv8FbhkgVKKmbkz   
   AsiABDNPp+Pougc/PV5uHcGn3bzRqCvp5fdtEF53vU8Od4WzE/nLjxdjsVSkFdFn   
   DpieuzR2rR9Q4tPLdL4XtPs3WXPwoAt5czkUdnHMQEOplbBE6ISsb4kDcven9cTE   
   autdHU/Nvc/xMcurDWpPGeyR8hE8NL3B5evK3VJXB/9IrT95CSQbcukYqP7IWYXm   
   mrAcW0nvUcqe3eCD6QM10tj8vh/TaN7vvSudFSwP1bBesXyD2KyeJHw6kQFWXLi3   
   mUdgh/Q3+InzNtVQ541g71QXMwwz3SL1aujqq+ck3WiI+BOfEvULFVgrmsopxhJP   
   Y6ZohFdCmNDOcbOUm4Nz+kWH2QCoxU/Qzzz43bZXIjpIKhvc4yG7A0FErCY8D1SA   
   D2UEmWk3a8jaF0ZLN3Ms0Bmfy1VqAkFOItn8cERhL9RMY3stO9RyDc2xWsWjT5mc   
   h1cDZbr3uBCYqHQ1g0h6QaKMrmK0zscN69lsvO36q/S0CBytBNLPTvGOhh/upkTP   
   vvy3df5yxZ2lk/dwCMPnTKJqrKy7BFBrUuHs7bDwnT254t6lczg=   
   =9+Hd   
   -----END PGP SIGNATURE-----   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]