-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Sep 2025 11:46:12 +0200
Source: shibboleth-sp
Binary: libapache2-mod-shib libapache2-mod-shib-dbgsym libshibsp-dev libshibsp-plugins libshibsp-plugins-dbgsym libshibsp12 libshibsp12-dbgsym shibboleth-sp-utils shibboleth-sp-utils-dbgsym
Architecture: amd64
Version: 3.5.0+dfsg-2+deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libapache2-mod-shib - Federated web single sign-on system (Apache module)
 libshibsp-dev - Federated web single sign-on system (development)
 libshibsp-plugins - Federated web single sign-on system (plugins)
 libshibsp12 - Federated web single sign-on system (runtime)
 shibboleth-sp-utils - Federated web single sign-on system (daemon and utilities)
Closes: 1114506
Changes:
 shibboleth-sp (3.5.0+dfsg-2+deb13u1) trixie-security; urgency=high
 .
   * [627cc27] New patch: SSPCPP-1014 - Extend escaping in strings.
     Fix SQL injection vulnerability in Service Provider ODBC plugin:
     specially crafted inputs can exfiltrate information stored in the
     database used by the SP.  The vulnerability is moderate to high
     severity for anyone using the ODBC plugin, and of no impact for others.
     Thanks to Scott Cantor (Closes: #1114506)
Checksums-Sha1:
 30ca26ab7f6399a84cb058d2e772145af3d10981 408352 libapache2-mod-shib-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 4b7fbf57dfa7f705072aab7755a28f85750cddb0 67548 libapache2-mod-shib_3.5.0+dfsg-2+deb13u1_amd64.deb
 d275aab9cd43789ab89cea8059ae6d7fcd7a1316 54716 libshibsp-dev_3.5.0+dfsg-2+deb13u1_amd64.deb
 ef019cf8623c5e5feadd275185920405167ddc06 2481808 libshibsp-plugins-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 f23caf9850d54f1c3f47cc796eb374c85b7eba64 186236 libshibsp-plugins_3.5.0+dfsg-2+deb13u1_amd64.deb
 60bf8e5dcb7edcffe77d2857e07e451f8d4d405c 21686460 libshibsp12-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 6ae7927be4626c538a57a41e66037a92043e698c 1046084 libshibsp12_3.5.0+dfsg-2+deb13u1_amd64.deb
 e814eee2b219ec2e8b2470964247a8332687b42a 467236 shibboleth-sp-utils-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 8f3bbe76a068259ef25399de35f1fa3d6652b6ef 80324 shibboleth-sp-utils_3.5.0+dfsg-2+deb13u1_amd64.deb
 13cc6d046a6a893faab32aa74a11905287c0d217 11967 shibboleth-sp_3.5.0+dfsg-2+deb13u1_amd64-buildd.buildinfo
Checksums-Sha256:
 a6248f587edd55908c74dcdf7f0e86ccbb899c4217dddd61f772309a39da7e50 408352 libapache2-mod-shib-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 a103778ed55028c58e4b891c6ca15a92536a7d3219ef099eeb8d36e633e9705a 67548 libapache2-mod-shib_3.5.0+dfsg-2+deb13u1_amd64.deb
 265cf8b89f282e72ab18360052d9926d2e566ffd973dfb849e1221e0f0021d30 54716 libshibsp-dev_3.5.0+dfsg-2+deb13u1_amd64.deb
 c4c762f91927a34a99611e84a022ef27f5d03ecf5d9c509ee2de7b9938fb9fd1 2481808 libshibsp-plugins-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 3724b21ad2919b880fda42b9dfa038cda61312ff9da940c7fd1573dfc5d49449 186236 libshibsp-plugins_3.5.0+dfsg-2+deb13u1_amd64.deb
 da70276446278a503565a25f2ecf2ff2307dbfa46d39f37b0c1a1776e3045394 21686460 libshibsp12-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 f1719f26dfabb3282e3080ae02af20258010b71d4911c95e4a7d41d00ae14223 1046084 libshibsp12_3.5.0+dfsg-2+deb13u1_amd64.deb
 b4abccdfe5b915cf6ce45d76ac755e4a77c6686a720020123acb883db1d74b72 467236 shibboleth-sp-utils-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 8fcf4e62c7539c3678a1d3f330c72c644b63ddea67b6ff0308f54af92a2b90c4 80324 shibboleth-sp-utils_3.5.0+dfsg-2+deb13u1_amd64.deb
 5f26be93226f3d3d7346d3b59482c8454c4da5e05dc795bce65bcf1ea8507653 11967 shibboleth-sp_3.5.0+dfsg-2+deb13u1_amd64-buildd.buildinfo
Files:
 ff947e4481a0e8204971aa271b6089cf 408352 debug optional libapache2-mod-shib-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 b621acfd127cc4c1dc1bb7b32370613f 67548 httpd optional libapache2-mod-shib_3.5.0+dfsg-2+deb13u1_amd64.deb
 2379df046fd8b7481af347f9c0bffd64 54716 libdevel optional libshibsp-dev_3.5.0+dfsg-2+deb13u1_amd64.deb
 8d4a6131f75a14f1e6d563afbbaebf6b 2481808 debug optional libshibsp-plugins-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 7b99d5204895e2f6580b1d25c14be216 186236 libs optional libshibsp-plugins_3.5.0+dfsg-2+deb13u1_amd64.deb
 d3062fcf26e1df17044474f9559ab37f 21686460 debug optional libshibsp12-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 676c2fc5b21d8d99bca7e8588a2bad9a 1046084 libs optional libshibsp12_3.5.0+dfsg-2+deb13u1_amd64.deb
 9f346f18c8028cf2dd771c186eb40d10 467236 debug optional shibboleth-sp-utils-dbgsym_3.5.0+dfsg-2+deb13u1_amd64.deb
 d5bdf4716200d29eed1524c4bfa1a4f7 80324 web optional shibboleth-sp-utils_3.5.0+dfsg-2+deb13u1_amd64.deb
 f97e80c270777902c00050c371e949ea 11967 web optional shibboleth-sp_3.5.0+dfsg-2+deb13u1_amd64-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEnw0rdzqckKx6dwRTEbCLukZn24oFAmi8h8cACgkQEbCLukZn
24p+jA//TUSVUCDMQZVDLCwmXeOfbGkHq1Nlv5KCV8JQ5vISffmrmwqBtapnzglO
6L59Q4tc/KckKaxZmRR8ybdZHnvRUdBv+jbJpRTk8nhuCvqmeOj2PH81hCTv8wM+
FhWIvfZ2tVhx5AYTeQP48iZXDwYHohY0pbO80KyZ+d4gR7d0k0iVCZ0GqtLfl9cq
lvQRTmtiGD7HI0qaClZCxw4cFRBZ37ttWqCDMfZaD8qxgw3lcJBnOVC7SNoZ7/ZB
CnZ+ugmJVDk1rgh3h3wb2VzeGhg6NLiyuTjat4fAR4aOv1GQxJBBpiThMF0KKuTP
aRcKYbgOfILvoROOjllIT4Kc8Y38nZ/KO2Rpuo1/8Eg0hvXn/Dp4wtss/YQFHat+
VO+wezyR0aEeDQfyR1fDKZ7lhx1l90wX7tn15XgL0lQwuLEhhOuMDeu5h1EgiRaP
o40aSz192b0HR7IW4u66SIa4dmzVNYPlem8TjX0AT9GVE3QsRF+T6dAzA+LbGAnw
PaiWYB+VooN/Qa0rVPgGlbQCGJwse05BteVXsPNjIqDRmtUYUlXRBAifjydmX5Cp
01mIiIp1tSAu3jrnC+P+59EyPo+NK8ItWK0ztAzI9x9Pxk3Y1x2f/Z3S8UsuW/hD
0p1JbFqGExFOUUM9Ug6OVvx9pCgqJdmBe3BBL8xHR84ZxVL42m0=
=8m++
-----END PGP SIGNATURE-----