Ubuntu
shibboleth-sp2 package

shibboleth-sp2 2.2.1+dfsg-2 source package in Ubuntu

Changelog

shibboleth-sp2 (2.2.1+dfsg-2) unstable; urgency=low

  * Change the libapache2-mod-shib2 section to httpd, matching override.
  * Add a NEWS.Debian entry for libapache2-mod-shib2 that explains the
    recommended configuration update for the 2.2 version.  Thanks, Scott
    Cantor and Kristof BAJNOK.

shibboleth-sp2 (2.2.1+dfsg-1) unstable; urgency=high

  * New upstream release.
    - SECURITY: Fix improper handling of certificate names containing nul
      characters.
    - SECURITY: Correctly validate the use attribute of KeyDescriptors,
      preventing use of a key for signing or for encryption if its use
      field says it may not be used for that purpose.
    - New shib-metagen script for generating Shibboleth SP metadata.
    - Support preserving form data across user authentication.
    - Support internal server redirection while maintaining protection.
    - Fix incompatibility between lazy sessions and servlet containers.
    - Fix some problems with dynamic metadata resolution.
    - Fix incompatibility with mod_include.
    - Fix single logout via SOAP.
    - Fix shibd crash with invalid metadata.
    - Fix crash in chaining attribute resolver.
    - Avoid infinite loop on empty attribute mapped to REMOTE_USER.
    - Fix handling of some Unicode data in relaystate data in URLs.
    - Correctly return Success to LogoutRequest where appropriate.
    - Avoid chunked encoding in back-channel calls.
    - Correctly check Recipient values in assertions.
    - Fix attributePrefix handling in some contexts.
    - Fix generated metadata DiscoveryResponse.
    - Fix handling of unsigned responses with encryption.
    - Fix handling of InProcess property.
  * Rename library package for upstream SONAME bump.
  * Tighten build dependencies and schema package dependencies on
    opensaml2 and xmltooling.
  * Build against Xerces-C 3.0.
  * Dynamically determine the Debian and upstream package versions for
    get-orig-source from debian/changelog.
  * Update libapache2-mod-shib2's README.Debian for changes to the
    TestShib web pages.
  * Use the automatically-extracted package version as the version number
    for the man pages.
  * Update standards version to 3.8.3.
    - Create /var/run/shibboleth in the init script if it doesn't exist.
    - Don't ship /var/run/shibboleth in the package.
    - Remove /var/run/shibboleth in postrm if it exists.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Fri,  06 Nov 2009 10:34:47 +0000

Upload details

Uploaded by:
Ubuntu Archive Auto-Sync
Uploaded to:
Lucid
Original maintainer:
Debian Shib Team
Architectures:
any
Section:
web
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
shibboleth-sp2_2.2.1+dfsg.orig.tar.gz 799.2 KiB dba2471da9cca7073ef34e8f55dd083c56e9d80e301799525d4bbd6e26e76ea2
shibboleth-sp2_2.2.1+dfsg-2.diff.gz 15.9 KiB 2f7e2261e484c95937141442e20387b9b1defc3eb94bc8104761915a90b563f0
shibboleth-sp2_2.2.1+dfsg-2.dsc 1.6 KiB a4c82ffe2b66e3e0316509199bd32a6135d364538c038d0ef338a65006d26f64

Available diffs

View changes file

Binary packages built by this source