Linux Security
Linux Security
Linux Security

Debian: DSA-1895-2: New opensaml2 and shibboleth-sp2 packages fix regression

Date 09 Oct 2009
Posted By LinuxSecurity Advisories
In DSA-1895-1, the xmltooling package was updated to address several security issues. It turns out that the change related to SAML metadata processing for key constraints caused problems when applied without the matching changes in the opensaml2 and shibboleth-sp2
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1895-2                  This email address is being protected from spambots. You need JavaScript enabled to view it.                           Florian Weimer
October 09, 2009            
- ------------------------------------------------------------------------

Package        : opensaml2, shibboleth-sp2
Vulnerability  : interpretation conflict
Problem type   : remote
Debian-specific: no
Debian Bugs    : 549936

In DSA-1895-1, the xmltooling package was updated to address several
security issues.  It turns out that the change related to SAML
metadata processing for key constraints caused problems when applied
without the matching changes in the opensaml2 and shibboleth-sp2

For the stable distribution (lenny), this problem has been fixed in
version 2.0-2+lenny1 of the opensaml2 packages, and version
2.0.dfsg1-4+lenny1 of the shibboleth-sp2 packages.

We recommend that you upgrade your opensaml2 and shibboleth-sp2

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Source archives:
    Size/MD5 checksum:     1671 6aa8c0c382f42d56da0d02a8dac190f1
    Size/MD5 checksum:   705058 85968f3c72cb789b11c9d01209e4d46b
    Size/MD5 checksum:     1449 5c628a5dd4614555953e410a78009298
    Size/MD5 checksum:    14500 df59094fab5f3714e6ce67b298d9fbf3
    Size/MD5 checksum:   726871 836fccbf614fc8edfc1fdbefcf0ba489
    Size/MD5 checksum:     6582 2c4fe0169aa897da269107fe43727965

Architecture independent packages:
    Size/MD5 checksum:    22936 3524f5c9de24e6dd6ce655099534a5ec
    Size/MD5 checksum:   216996 38cac8e6036637aa770ba325ae3ea83b
    Size/MD5 checksum:    15144 eb73f6bbbdcc8152f7f29b78a7855282
    Size/MD5 checksum:   320978 8f55a5e0788336b563241aa9787e4f19

alpha architecture (DEC Alpha)
    Size/MD5 checksum:    30830 56a3df9d8f29260549dc1b0ad30c6c73
    Size/MD5 checksum:   935782 bc072664522bf99d89c9e59b7ee5795a
    Size/MD5 checksum:    44900 d077afefbc80465fda7d6e667edaafe0
    Size/MD5 checksum:   240726 71c5d7f685d8bad8af9f6ff5cb87c664
    Size/MD5 checksum:  1274606 31de8f52a00560f1d20944c80bbf0d22
    Size/MD5 checksum:    39718 fa0a1060a3f753708acab07e93b65a87

amd64 architecture (AMD x86_64 (AMD64))
    Size/MD5 checksum:    28296 41e3a07a37cd11363659bc7023d8177c
    Size/MD5 checksum:  1191192 50e10dd708890b191da818107c3f096d
    Size/MD5 checksum:    39652 ccaf41767ce12ea968ca6576fce2823c
    Size/MD5 checksum:   837168 39d5089edf6211e96882f2ae4588b6a8
    Size/MD5 checksum:   228302 ce589d6fb8521b93ab5b9fef89378037
    Size/MD5 checksum:    44682 a4d2f8e45f3f661e96d7313bac7656a4

arm architecture (ARM)
    Size/MD5 checksum:    44896 17ea3c69e9d21e0759e3109c0175913c
    Size/MD5 checksum:   941464 188e5856c70f4d8e08de03e0d91ce366
    Size/MD5 checksum:    27094 750261b1f04d9e16ce9bbd861059cd96
    Size/MD5 checksum:    39952 3221a4f083df6236921972158f491d9c
    Size/MD5 checksum:  1163622 5369ed1621f18fb85d4703832ad5f231
    Size/MD5 checksum:   231604 0e3dc0417fd70c9e6bb5f6aee63c4f0a

armel architecture (ARM EABI)
    Size/MD5 checksum:   765524 3c3b71c126d50bf4883fd58869f2a133
    Size/MD5 checksum:   207720 e5220cdc47fd5e5e4bc5602a7e2d99dc
    Size/MD5 checksum:    24600 ce97a126c129ed4d0c30e2f490a2eab7
    Size/MD5 checksum:  1035706 771d54bf77b72c49154fc7f7be1cb6ba
    Size/MD5 checksum:    44926 030d1eec0ef851c4b41ab4ddf52cd6a0
    Size/MD5 checksum:    39846 c38394855f48998098bf6a8c0bdc5a62

hppa architecture (HP PA RISC)
    Size/MD5 checksum:    44546 49c45b474566ca66a0bbb064f70b36c9
    Size/MD5 checksum:    29280 d1128630e5184f1be48732a592f0e111
    Size/MD5 checksum:   251416 2127a441e9ddbd4436c71e979ac4d6cd
    Size/MD5 checksum:  1021120 0b5895841efc534a288c2b0f9f0d44f1
    Size/MD5 checksum:    40474 8b92606081de571a55fc9ed1db334607
    Size/MD5 checksum:  1389712 1689c625e8c87f48f22410a418d12126

i386 architecture (Intel ia32)
    Size/MD5 checksum:   222978 f8908475a24de500f9aa1f11fd75bb6c
    Size/MD5 checksum:   826468 1301ae230768c43c463a7fa085e847d8
    Size/MD5 checksum:    27144 df2b8fc5a60848b3a54192a0be6d3f35
    Size/MD5 checksum:    40514 2f8cb186b21f2660a63d40e4bb3b128d
    Size/MD5 checksum:  1083130 63ea9161789ff202276eaecd54613bb6
    Size/MD5 checksum:    44708 9d6f997e516acd7dfc2a4576d0d701db

ia64 architecture (Intel ia64)
    Size/MD5 checksum:    33370 7bcfb306d217b6abb2cb09f0b72a84b1
    Size/MD5 checksum:  1134276 50b44e8348d63ee5ea77fb9755370c43
    Size/MD5 checksum:   272016 a15dac0c0201ff9509af73ad9b9c48dd
    Size/MD5 checksum:  1490790 053ada6c14ef2b4cd7825f6d1139b2b5
    Size/MD5 checksum:    39634 9f415c71ced4c28061c3588aa035a139
    Size/MD5 checksum:    44668 dd7968be9dd0703a18ee9fd43ce57387

mips architecture (MIPS (Big Endian))
    Size/MD5 checksum:  1193346 1958fed6138b6b3a224c77b6bc87fab5
    Size/MD5 checksum:   215050 cfaa6dca8ab996395eec8ba9bffd9eab
    Size/MD5 checksum:    26546 f4d7e06fb0ab64138011d2ebcdc33f60
    Size/MD5 checksum:   773074 f9bd74b9ac18785a26fc0fdd25a1941a
    Size/MD5 checksum:    39660 1e624a5658850a00698a6959b3494adb
    Size/MD5 checksum:    44690 f0ced9e82160529de6a33dd5be9fa706

mipsel architecture (MIPS (Little Endian))
    Size/MD5 checksum:    39662 50463c8b0b7a37ebba173f5aa5272dbe
    Size/MD5 checksum:    44690 3c60f54d3d252b8fbfc1fc8758af3fe5
    Size/MD5 checksum:   213566 5f5bf808bc84bafdbb930efeb9c84faf
    Size/MD5 checksum:  1089608 f8e4496360adacf0459a4cc922a1bf7d
    Size/MD5 checksum:    26414 c69addcb8a7a0d43f6a097dce6d9e17a
    Size/MD5 checksum:   763756 b2452b82015e3829bf0a09ab787bb4af

powerpc architecture (PowerPC)
    Size/MD5 checksum:    44688 d5a2832f8f12694d2e2ab69d4bd9a115
    Size/MD5 checksum:   882708 3b3056c8a0443aa4975946e1dc9405b8
    Size/MD5 checksum:    39660 b1adc0e456e0d1293a35ef0622f81747
    Size/MD5 checksum:    31266 c0f82be8e04402e7cccca76baad27f2f
    Size/MD5 checksum:  1289772 eb1e6a3713d3da339ff938fbe92b9740
    Size/MD5 checksum:   244556 05b5597ead8759f29d5123521bc077e6

s390 architecture (IBM S/390)
    Size/MD5 checksum:    39636 6daa58c84e48127842d9d10df99ea650
    Size/MD5 checksum:    44670 ede9b5074a594b9d7862656fb9bc2d54
    Size/MD5 checksum:    28102 21006123a481c07598bbda9c28910242
    Size/MD5 checksum:   842940 00b7331d1d43657db0153270ee48b608
    Size/MD5 checksum:   228976 c3cd3436628fbfc54c5e81b64337fd5c
    Size/MD5 checksum:  1232786 e6bfb07496f8a784c7c14ccddb13bcb0

sparc architecture (Sun SPARC/UltraSPARC)
    Size/MD5 checksum:    44786 8fe9aaf8edf3376f542c588f943efe38
    Size/MD5 checksum:  1344028 3476df618788100bef4f94c60c1d11e1
    Size/MD5 checksum:   217634 e4303df657ea167c9b739ff806630988
    Size/MD5 checksum:    40194 c5e11badb02698b274c997f021ae2034
    Size/MD5 checksum:    27242 322badc2e57d276e7b1526d92139a40e
    Size/MD5 checksum:  1005082 2f6018d031659572bbb3d257b9d5e47d

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
Package info: `apt-cache show ' and


LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"64","type":"x","order":"1","pct":76.19,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"13","type":"x","order":"2","pct":15.48,"resources":[]},{"id":"181","title":"Hardly ever","votes":"7","type":"x","order":"3","pct":8.33,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.