-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 06 Sep 2025 11:46:12 +0200 Source: shibboleth-sp Binary: libapache2-mod-shib libapache2-mod-shib-dbgsym libshibsp-dev libshibsp-plugins libshibsp-plugins-dbgsym libshibsp12 libshibsp12-dbgsym shibboleth-sp-utils shibboleth-sp-utils-dbgsym Architecture: s390x Version: 3.5.0+dfsg-2+deb13u1 Distribution: trixie-security Urgency: high Maintainer: s390x Build Daemon (zani) Changed-By: Ferenc Wágner Description: libapache2-mod-shib - Federated web single sign-on system (Apache module) libshibsp-dev - Federated web single sign-on system (development) libshibsp-plugins - Federated web single sign-on system (plugins) libshibsp12 - Federated web single sign-on system (runtime) shibboleth-sp-utils - Federated web single sign-on system (daemon and utilities) Closes: 1114506 Changes: shibboleth-sp (3.5.0+dfsg-2+deb13u1) trixie-security; urgency=high . * [627cc27] New patch: SSPCPP-1014 - Extend escaping in strings. Fix SQL injection vulnerability in Service Provider ODBC plugin: specially crafted inputs can exfiltrate information stored in the database used by the SP. The vulnerability is moderate to high severity for anyone using the ODBC plugin, and of no impact for others. Thanks to Scott Cantor (Closes: #1114506) Checksums-Sha1: acd0abe3f83d79c1ca604459b555e64dd047a685 396832 libapache2-mod-shib-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb 8647d78e16476ea9b885b57dff71b4b24ffb8aec 64440 libapache2-mod-shib_3.5.0+dfsg-2+deb13u1_s390x.deb bd964f6d250f792b71d4144fc3cf92461877e35d 54692 libshibsp-dev_3.5.0+dfsg-2+deb13u1_s390x.deb 34b3c71de5895b0fde7d6e621ffeede8544c08b4 2415872 libshibsp-plugins-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb 19d1207373ae541079e2187cb47e02e7386d998b 172424 libshibsp-plugins_3.5.0+dfsg-2+deb13u1_s390x.deb c7ad4f35eca4e38494be2fafd32ea5cb3416caf0 21179560 libshibsp12-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb 1cd5ad745e5fa2ea29a074a1ee68eb9d1ea63df9 976760 libshibsp12_3.5.0+dfsg-2+deb13u1_s390x.deb 3a6fd0a8c7e07829fed0bd204c2b8f4c935bf46a 459536 shibboleth-sp-utils-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb 72251ec24f6979b4ca8566ce0ed32d57a1f4b7fd 77356 shibboleth-sp-utils_3.5.0+dfsg-2+deb13u1_s390x.deb 9eebb07b48b9a3698587da1739f3711a936b9d0c 11826 shibboleth-sp_3.5.0+dfsg-2+deb13u1_s390x-buildd.buildinfo Checksums-Sha256: f5311d16879296b7a34f60bedce9c142b3ad597050e2f2dc24db0088a268be52 396832 libapache2-mod-shib-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb d897da49415d630784bd20a610c2b9c83787ea86d0cb9b797eecb10f23d0fe8f 64440 libapache2-mod-shib_3.5.0+dfsg-2+deb13u1_s390x.deb eb68a0fe258a0afbf5718bdfa56e02748fce08423f6b3fc50b0bffc56457b4d3 54692 libshibsp-dev_3.5.0+dfsg-2+deb13u1_s390x.deb 124ae3c8e2ba62c849b2a1accda08be4c30ee254cd1d8d2cfbff4aa8c747a2b7 2415872 libshibsp-plugins-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb d2f0aa723985a9cb7c3d5a96c793cf30099486d3528ecedcdf21c6f146bb973c 172424 libshibsp-plugins_3.5.0+dfsg-2+deb13u1_s390x.deb f384ebbaa67dcada917620627e6d9192ab1d3bc1067b643090441761bf0b8521 21179560 libshibsp12-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb 1468559c7f86e878f5e1ee3502aa8cc680fdc88391e0bdec2220929022dbeb7d 976760 libshibsp12_3.5.0+dfsg-2+deb13u1_s390x.deb 0276352bccdbe55935d48691f67c7816f0d0293b1a99de1dba8d109c67d8cc0b 459536 shibboleth-sp-utils-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb 9cb45df53842ff1063503666874f5726ad57811ea4357adcb3f55da397632c94 77356 shibboleth-sp-utils_3.5.0+dfsg-2+deb13u1_s390x.deb 5a2381c8a8c51390e47f5e8abd0ecfab8969b416de633778ee85ef594e8aa0ff 11826 shibboleth-sp_3.5.0+dfsg-2+deb13u1_s390x-buildd.buildinfo Files: dc766b931b4b6c47a9a801ce808a7634 396832 debug optional libapache2-mod-shib-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb f2a7c2bd22735d72d0eaefaf0311c167 64440 httpd optional libapache2-mod-shib_3.5.0+dfsg-2+deb13u1_s390x.deb be6330fd1d3360342d9e8e66c889ef6f 54692 libdevel optional libshibsp-dev_3.5.0+dfsg-2+deb13u1_s390x.deb f015f0c1adac436cb734e586fb09d39a 2415872 debug optional libshibsp-plugins-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb 188cdcee82d2bab3006559367afaa6e6 172424 libs optional libshibsp-plugins_3.5.0+dfsg-2+deb13u1_s390x.deb e7f0d5c4b8fead68b96783dfe07365dc 21179560 debug optional libshibsp12-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb 621d2d8d8998ed0e648caedb2513cc04 976760 libs optional libshibsp12_3.5.0+dfsg-2+deb13u1_s390x.deb a9fa705525bad0ab0f5ae42cb6c720f5 459536 debug optional shibboleth-sp-utils-dbgsym_3.5.0+dfsg-2+deb13u1_s390x.deb c0ac1e77eb046b856b8050d158c2a2b2 77356 web optional shibboleth-sp-utils_3.5.0+dfsg-2+deb13u1_s390x.deb b6f4f39fcf4b2059a66b73b5c49f7733 11826 web optional shibboleth-sp_3.5.0+dfsg-2+deb13u1_s390x-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgh4msZ+e2PZfd5KckaCrxAR3BY0FAmi8qZkACgkQkaCrxAR3 BY3n8w/+JRf17K8wpBdaYLXd2SScJ1+wr72RfeuT0AloPuTnqUg/UOHVBjaIzWfw QkyGrx42Ay+1yiW9kwIPy+5TrWniG3loi3E8IZ3tdHN+KupVmXDOGrBmFpIlzHMN Bq+fDSFBNte/jT4W6VYkKvsL4HskeUgQyL9TaP+Fy5frIATMpc9PDSsZzRnEjLBz q475FimsmwFMT9JeNZ+JREpUfgTIW/rUUko3uonm7xFSKD3h2OAALTalsqagrRAT hEmo5C98K7YrMRfT0tVVib8ftO2YrLicxsjEaTZtArZFHpBd3SDw8k8Bdc18pwZm 5jIwhXdI6ymNj5zBtZle62q75oZmagj6WrKf7Or7+0cwGLdZZ3U3XuOeErf0v4wY e0162eX/0YrD5X7+fxFE0hfyL23lcmieNBdk3kcEkjP2SWGZRPAOQ4eQqYTCa0WN t1lbtI7V9iJczB/OEEDJ8L4T18ShfoepipX794kwW+hLZgIdMo7JSP+nxXx9t9wV ocs9xYOkQVHpQqDukckiMKBz5DvllpEBAKJvB7TG0Zt0rxj6zGCn8cHcmo1K1a/+ UBhJd43W1Bx5hO3Q2KUYMwP/3KIzH0M2VmT3jnFNNluBgbd65Uhwfx1EDrzEzocc +pW3xEu5Julv5XbGJXR3PbURPO/N18zlkKlEaUA4DcGZ6WBAcx4= =1zvW -----END PGP SIGNATURE-----