Stay Vigilant with Timely Linux Security Advisories

security advisorydenial of servicedebian

Debian Buster DSA-4905-1 Critical: Shibboleth SP Denial Of Service

It was discovered that the Shibboleth Service Provider is prone to a NULL pointer dereference flaw in the cookie-based session recovery feature. A remote, unauthenticated attacker can take advantage of this flaw to cause a denial of service (crash in the shibd daemon/service). . - ------------------------------------------------------------------------- Debian Security Advisory DSA-4905-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso April 27, 2021 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : shibboleth-sp CVE ID : CVE-2021-31826 Debian Bug : 987608 It was discovered that the Shibboleth Service Provider is prone to a NULL pointer dereference flaw in the cookie-based session recovery feature. A remote, unauthenticated attacker can take advantage of this flaw to cause a denial of service (crash in the shibd daemon/service). For additional information please refer to the upstream advisory at https://shibboleth.net/community/advisories/secadv_20210426.txt For the stable distribution (buster), this problem has been fixed in version 3.0.4+dfsg1-1+deb10u2. We recommend that you upgrade your shibboleth-sp packages. For the detailed security status of shibboleth-sp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/shibboleth-sp Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Shibboleth Identity Provider exposed to service disruption due to NULL pointer vulnerability. Prompt patching advised.. Shibboleth Update, Debian Security, Service Provider Flaw, Denial Of Service, Session Recovery Issue. . Severity: Critical. LinuxSecurity.com Team

Apr 27, 2021 •Critical Debian

security advisorymoderatesecurity issue

Ubuntu 20.04 LTS USN-4925-1 Moderate: Shibboleth Content Injection

Shibboleth could be made to display malicious content.. =========================================================================Ubuntu Security Notice USN-4925-1 April 22, 2021 shibboleth-sp vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Shibboleth could be made to display malicious content. Software Description: - shibboleth-sp: Federated web single sign-on system Details: Toni Huttunen and Fraktal Oy discovered that the Shibboleth Service provider allowed content injection due to allowing attacker-controlled parameters in error or other status pages. An attacker could use this to inject malicious content. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: libapache2-mod-shib 3.0.4+dfsg1-1ubuntu0.1 libshibsp-plugins 3.0.4+dfsg1-1ubuntu0.1 libshibsp8 3.0.4+dfsg1-1ubuntu0.1 shibboleth-sp-common 3.0.4+dfsg1-1ubuntu0.1 shibboleth-sp-utils 3.0.4+dfsg1-1ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4925-1 CVE-2021-28963 Package Information: https://launchpad.net/ubuntu/+source/shibboleth-sp/3.0.4+dfsg1-1ubuntu0.1 . Uncover the Shibboleth flaw affecting Ubuntu 20.04 LTS and learn strategies to minimize content injection threats efficiently.. shibboleth threat, Ubuntu security notice, content injection risk. . LinuxSecurity.com Team

Apr 22, 2021 Ubuntu

security advisorymoderatedebian

Debian 9: DLA-2599-1 Moderate: Shibboleth SP2 Phishing Attack

Toni Huttunen discovered that the Shibboleth service provider's template engine used to render error pages could be abused for phishing attacks. For additional information please refer to the upstream advisory at . - ----------------------------------------------------------------------- Debian LTS Advisory DLA-2599-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Utkarsh Gupta March 19, 2021 https://wiki.debian.org/LTS - ----------------------------------------------------------------------- Package : shibboleth-sp2 Version : 2.6.0+dfsg1-4+deb9u2 CVE ID : not yet available Debian Bug : 985405 Toni Huttunen discovered that the Shibboleth service provider's template engine used to render error pages could be abused for phishing attacks. For additional information please refer to the upstream advisory at https://shibboleth.net/community/advisories/secadv_20210317.txt For Debian 9 stretch, this problem has been fixed in version 2.6.0+dfsg1-4+deb9u2. We recommend that you upgrade your shibboleth-sp2 packages. For the detailed security status of shibboleth-sp2 please refer to its security tracker page at: Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS Advisory DLA-2599-1 highlights a security flaw in Shibboleth's template engine that can lead to phishing attacks.. Debian Security Update, Shibboleth SP2, Phishing Prevention, Template Engine Exploit. . Severity: Important. LinuxSecurity.com Team

Mar 19, 2021 •Important Debian LTS

security advisorycriticaldebian

Debian DSA-4872-1 Critical: Shibboleth SP Phishing Risk

Toni Huttunen discovered that the Shibboleth service provider's template engine used to render error pages could be abused for phishing attacks. For additional information please refer to the upstream advisory at . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4872-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff March 18, 2021 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : shibboleth-sp CVE ID : not yet available Debian Bug : 985405 Toni Huttunen discovered that the Shibboleth service provider's template engine used to render error pages could be abused for phishing attacks. For additional information please refer to the upstream advisory at https://shibboleth.net/community/advisories/secadv_20210317.txt For the stable distribution (buster), this problem has been fixed in version 3.0.4+dfsg1-1+deb10u1. We recommend that you upgrade your shibboleth-sp packages. For the detailed security status of shibboleth-sp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/shibboleth-sp Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The Debian Security Advisory DSA-4873-1 concerns the threats posed by vulnerabilities in the template engine of Apache's HTTP server related to phishing concerns.. Shibboleth Update, Debian Security, Template Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Mar 18, 2021 •Critical Debian

security advisorydebiancoding error

Debian 7 Wheezy DLA-1179-1 Critical: Shibboleth-SP2 Plugin Error Fix

Rod Widdowson of Steading System Software LLP discovered a coding error in the "Dynamic" metadata plugin of the Shibboleth Service Provider, causing the plugin to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. . Hash: SHA512 Package : shibboleth-sp2 Version : 2.4.3+dfsg-5+deb7u2 CVE ID : CVE-2017-16852 Debian Bug : 881857 Rod Widdowson of Steading System Software LLP discovered a coding error in the "Dynamic" metadata plugin of the Shibboleth Service Provider, causing the plugin to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. For Debian 7 "Wheezy", these problems have been fixed in version 2.4.3+dfsg-5+deb7u2. We recommend that you upgrade your shibboleth-sp2 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . An important security patch fixes a vulnerability in the Shibboleth Service Provider for Debian. Update to protect your system.. Debian LTS, Shibboleth SP2, Security Update, Plugin Fix, Critical Error. . Severity: Critical. LinuxSecurity.com Team

Nov 18, 2017 •Critical Debian LTS

security advisorycriticalsoftware update

Debian: DSA-4038-1 Critical: Shibboleth Service Provider Coding Error

Rod Widdowson of Steading System Software LLP discovered a coding error in the "Dynamic" metadata plugin of the Shibboleth Service Provider, causing the plugin to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-4038-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso November 16, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : shibboleth-sp2 CVE ID : CVE-2017-16852 Debian Bug : 881857 Rod Widdowson of Steading System Software LLP discovered a coding error in the "Dynamic" metadata plugin of the Shibboleth Service Provider, causing the plugin to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. For the oldstable distribution (jessie), this problem has been fixed in version 2.5.3+dfsg-2+deb8u1. For the stable distribution (stretch), this problem has been fixed in version 2.6.0+dfsg1-4+deb9u1. We recommend that you upgrade your shibboleth-sp2 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Uncover the vital security patch for the Shibboleth Service Provider that tackles a programming flaw along with suggested resolutions.. Debian Shibboleth Update, Security Advisory, Software Patch. . Severity: Critical. LinuxSecurity.com Team

Nov 16, 2017 •Critical Debian

security advisorydenial of servicedebian

Debian: DSA-3207-1 Critical: Shibboleth Denial Of Service

A denial of service vulnerability was found in the Shibboleth (an federated identity framework) Service Provider. When processing certain malformed SAML message generated by an authenticated attacker, the daemon could crash. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3207-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Yves-Alexis Perez March 28, 2015 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : shibboleth-sp2 CVE ID : CVE-2015-2684 A denial of service vulnerability was found in the Shibboleth (an federated identity framework) Service Provider. When processing certain malformed SAML message generated by an authenticated attacker, the daemon could crash. For the stable distribution (wheezy), this problem has been fixed in version 2.4.3+dfsg-5+deb7u1. For the upcoming stable distribution (jessie), this problem has been fixed in version 2.5.3+dfsg-2. For the unstable distribution (sid), this problem has been fixed in version 2.5.3+dfsg-2. We recommend that you upgrade your shibboleth-sp2 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . A vulnerability has been identified in the Shibboleth service resulting in possible downtime issues. Users are advised to implement the latest updates.. Shibboleth, Debian Updates, Denial Of Service. . Severity: Critical. LinuxSecurity.com Team

Mar 28, 2015 •Critical Debian

security advisorycriticaldebian

Debian 5.0 DSA-1947-1 Critical: Shibboleth Script Injection Issue

Matt Elder discovered that Shibboleth, a federated web single sign-on system is vulnerable to script injection through redirection URLs. More details can be found in the Shibboleth advisory at . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1947-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Moritz Muehlenhoff December 07, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : shibboleth-sp, shibboleth-sp2, opensaml2 Vulnerability : missing input sanitising Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-3300 Matt Elder discovered that Shibboleth, a federated web single sign-on system is vulnerable to script injection through redirection URLs. More details can be found in the Shibboleth advisory at For the old stable distribution (etch), this problem has been fixed in version 1.3f.dfsg1-2+etch2 of shibboleth-sp. For the stable distribution (lenny), this problem has been fixed in version 1.3.1.dfsg1-3+lenny2 of shibboleth-sp, version 2.0.dfsg1-4+lenny2 of shibboleth-sp2 and version 2.0-2+lenny2 of opensaml2. For the unstable distribution (sid), this problem has been fixed in version 2.3+dfsg-1 of shibboleth-sp2, version 2.3-1 of opensaml2 and version 1.3.1-1 of xmltooling. We recommend that you upgrade your Shibboleth packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch -------------------------------- Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 35169 ce866f75fd4a3e360bcf1f40328a6775 Size/MD5 checksum: 731365 7aba8f84ff20013dea55a4a34306791a Size/MD5 checksum: 957 4b81922200999d83b4e6e300dc4105b2 alpha architecture (DEC Alpha) Size/MD5 checksum: 599542 bc648aff189d0a1ab1cfaa8b552ca3c2 Size/MD5 checksum: 218758 84f33e347e9905f7a8ea10f7ccefef38 Size/MD5 checksum: 81606 ff24f6a6f67605f54970d80effacbbdb Size/MD5 checksum: 4220522 696dd0f5e47dc671cc975becf0de468f amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 458596 74e93d23170bb31caebfe2ca129d07d0 Size/MD5 checksum: 78106 54e21b28a39741ed8e7174f1f461b36f Size/MD5 checksum: 4016352 ed12fa9ff63849bbaebff10b69910042 Size/MD5 checksum: 201502 99f8013c58e15a4e7f631c2b6163df80 arm architecture (ARM) Size/MD5 checksum: 463996 e9b59a2da0e48c3c28d5cc6496fb610a Size/MD5 checksum: 224674 443c6592e797a5f3029ddfc6e4d39b6e Size/MD5 checksum: 77274 eb8e738461d2ce57747d00c0372ccd0c Size/MD5 checksum: 3777924 c8fc18d5e616f85e3bf4be7e72660a6d hppa architecture (HP PA RISC) Size/MD5 checksum: 91240 6d3bf6784f6c37ac33bd5c187ffff78f Size/MD5 checksum: 4681852 45a47043bead90d8c5b4d7d055f3481c Size/MD5 checksum: 236856 9fcd23ec0055d336e830afbff9e0bfc4 Size/MD5 checksum: 523584 39dae9be500d372f40d79cd173208c83 i386 architecture (Intel ia32) Size/MD5 checksum: 433480 4d36fe53ea41d60d8a9271a8283f982e Size/MD5 checksum: 76582 2e8ccdf193b826c7edea81d64928e306 Size/MD5 checksum: 201376 43e1ccf246c06173bb0b726435f0d815 Size/MD5 checksum: 3717328 706787e36afd27879765043b36e21b67 ia64 architecture (Intel ia64) Size/MD5 checksum: 4282674 6cf33d6e7e648f927d7471c1e14faeda Size/MD5 checksum: 261082 42ecc6cb79ccaeb51ed216460854a6ef Size/MD5 checksum: 606936 ad107c7889b6d3656b09494956872099 Size/MD5 checksum: 93558 e42b24b08c6724e038885bbb740b7ca8 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 188188 08e68a767cef9f6a17300355346ebb29 Size/MD5 checksum: 3739418 16b2bbe8b61dcce84d0b59cd1deab413 Size/MD5 checksum: 474312 0f630ad847bd524394fd8a2fb09a3bf6 Size/MD5 checksum: 74468 fea5404f1e3c957dea0725a8dc592026 s390 architecture (IBM S/390) Size/MD5 checksum: 4882170 69ef571c49fc850cc72c2ece4034cc26 Size/MD5 checksum: 431890 0dca24c94492a6315d1fdbec36084135 Size/MD5 checksum: 202306 8ca8e9ef70f686c74bb847872e4aec48 Size/MD5 checksum: 78436 a282913025fea52ca355b0ccd3eaae59 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 4013874 821e9b9bc96fef947d18f6784d3b1854 Size/MD5 checksum: 78344 50dc4f9244ac311dca6bfbc81214c978 Size/MD5 checksum: 416304 13ca14493e80f0ff8e7f94ccdb660abf Size/MD5 checksum: 209108 ecb31ca29a9d247d212a63df040d9a64 Debian GNU/Linux 5.0 alias lenny - -------------------------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 7717 be1470ec19b079abbea465c586a6db9c Size/MD5 checksum: 1450 ae583eaffa9dc2ab9fc37f15bfbf9817 Size/MD5 checksum: 34141 89b96ed5094e36c9da588f2fe0c815d9 Size/MD5 checksum: 17174 b9b0333f56c573d4a7f9bf608cbc4a89 Size/MD5 checksum: 705058 85968f3c72cb789b11c9d01209e4d46b Size/MD5 checksum: 1672 7cef2a57583d84e46a214475c4a25393 Size/MD5 checksum: 761686 996ac4370cd8cb91528169c1e2c337b6 Size/MD5 checksum: 1601 b7d6efd2896e7e3cee6463c14c23b122 Size/MD5 checksum: 726871 836fccbf614fc8edfc1fdbefcf0ba489 Architecture independent packages: Size/MD5 checksum: 365940 551bf56b7ca0618a515b4cde3c9046c7 Size/MD5 checksum: 25680 681338ca7d060ab79c9f26527902d8dc Size/MD5checksum: 258520 39b8bdad69f6bfa31730c459da5b575c Size/MD5 checksum: 15434 4f601fe9b3886b22316a141e01e707a6 alpha architecture (DEC Alpha) Size/MD5 checksum: 575686 69d92528ea88a49b28931fc0fd3653f7 Size/MD5 checksum: 84258 4de37104dcc335289e01785cd85d4c85 Size/MD5 checksum: 218348 8f31cca573d9e3158458c7ec76a09e88 Size/MD5 checksum: 4126894 3eaf35288a38c8d14e4c72340661a594 Size/MD5 checksum: 241522 385e1e70d3b296c97bf34783c2cf173f Size/MD5 checksum: 941354 123fbab68a88df7843839b0406345488 Size/MD5 checksum: 39842 d8c15efea7f3d01bd06b6197a8920235 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 228568 dc4196ddec55f46b1a8eac7185b88a48 Size/MD5 checksum: 81744 a55299c3b74a93da9a592dac059b01c9 Size/MD5 checksum: 44592 4b419a7302251bc7b4692d66bff18528 Size/MD5 checksum: 840692 1ff155d1f8cd16aa3a84aa8efb1193e9 Size/MD5 checksum: 201410 8edd3a696833973b204a6d71dcdab807 Size/MD5 checksum: 39838 ab0ae6d0efddc77e13f9bd4c5310c542 Size/MD5 checksum: 28440 9bb20149248ac6f087e4cc43646d1f8c Size/MD5 checksum: 456000 b8ca326fcf83b65d8dca6e9784f53066 Size/MD5 checksum: 1192090 7803aa94b252c6ea8f0fbbb85c5daa2a Size/MD5 checksum: 3836116 2a44bac39c2cb29039c56cbb95e5786a arm architecture (ARM) Size/MD5 checksum: 228470 71a7c3343665c48ede56d46a0c262221 Size/MD5 checksum: 455568 ea8a41453fc01b7bdfa1c9071327333c Size/MD5 checksum: 77508 7117b5f842db50750bb549fce98b19f9 Size/MD5 checksum: 3581714 51dd8fdf617457b087d06ca7a5736a94 Size/MD5 checksum: 44828 c311aa275750cfd43afd388b153e8416 Size/MD5 checksum: 214548 f3defb04bd5965851b36ac8d6cb3d151 Size/MD5 checksum: 27214 d88ee290fdfd74f37e64f04805cfcc18 Size/MD5 checksum: 40368 586a3581ca90e7e7ee0e88c146687e62 Size/MD5 checksum: 1164554 1f88ecccc1c33e3faab2b3f7a4452dd7 Size/MD5 checksum: 946436 ed86edf1c11e206e5d032bb5181ad50a armel architecture(ARM EABI) Size/MD5 checksum: 205908 0e0678da76fed65ae488470dfe10a0c9 Size/MD5 checksum: 476654 f6d54f691090bf50254dbd386c6d769c Size/MD5 checksum: 69910 ba99d299af96261c579e25e66908abab Size/MD5 checksum: 770344 b86196f10236b070b803cd4471f4c423 Size/MD5 checksum: 45088 c339ef2f9f15e520e82a1d51bfd95aae Size/MD5 checksum: 24718 db0f484a05d4122d24f8545975c15326 Size/MD5 checksum: 1036358 67b6c4e429c5e111b0ec13efb45d7882 Size/MD5 checksum: 40430 f90d19f99a707de0b382b8e9e4b1e198 Size/MD5 checksum: 3558576 c47ab3119943a9566da8ddc09ca660f1 Size/MD5 checksum: 185672 3882aafaf772ec0efef1467d73423aee hppa architecture (HP PA RISC) Size/MD5 checksum: 44690 179fd0ce973904e527a4689d4277394f Size/MD5 checksum: 1028004 fda64b9c3d563d0ca69ab75589df9537 Size/MD5 checksum: 1390048 f4c926a6071013c7036a80e26f28fa11 Size/MD5 checksum: 29416 8464d0da9c99a042352cb2d3283e7ea8 Size/MD5 checksum: 4490366 9f2d49bb26c07d0590a267a956d0ecd6 Size/MD5 checksum: 233514 553109e5fe95a921708fa43c2f390ae1 Size/MD5 checksum: 537212 1c245ff84054296d0ed17e927a306ee0 Size/MD5 checksum: 251682 24496f3bc7ab7f61814a11c926c5df9b Size/MD5 checksum: 88700 8cb6c26058a0a110af40ceb8b5390467 Size/MD5 checksum: 40654 dd810fe55b07f82ceb95bf9ea836e3ea i386 architecture (Intel ia32) Size/MD5 checksum: 39896 92ee9791f3230e4ea0af774d21f94168 Size/MD5 checksum: 830196 69baa4d5223c2de49c11efb1f5221a60 Size/MD5 checksum: 1083380 5172f568a27adc2bed46aa20f676dff5 Size/MD5 checksum: 3517742 7a113810a43f06c3d6a3c5dab6e07016 Size/MD5 checksum: 44708 2ed6b07d9ef09967812b79e897034310 Size/MD5 checksum: 199976 baa7d28e34b5fde83cc018b5a5d4c15a Size/MD5 checksum: 78690 03c98f8a8ab9c46c51211cf03477a596 Size/MD5 checksum: 220864 e29f350428d1b68225d7c8ba7cd3a1ae Size/MD5 checksum: 27222 139eb0bb1b4509126eb0f314bd06b3c6 Size/MD5 checksum: 424062 813d3d51730c919ce8cce2619e8cb7a4 ia64 architecture (Intel ia64) Size/MD5 checksum: 1141736 e154e2940d769255c27812c88e6008ef Size/MD5 checksum: 617516 446aab21fce2d72a0329aaacb13b0218 Size/MD5 checksum: 39822 c1d1672a1133ef3dc3e06bb35d44178a Size/MD5 checksum: 44824 3860e662f447487c2d9bf8205456aece Size/MD5 checksum: 257036 30475f72472985773c1865ac17bd3c89 Size/MD5 checksum: 4090302 8b6a05199dc1320125556dfc7926fae4 Size/MD5 checksum: 272332 83c9fa6e5604e602c3bc4f14a06eeae5 Size/MD5 checksum: 33502 4eed857b2d83a40e68d93e98ade6abc8 Size/MD5 checksum: 95656 89ebd5d71ad2b141d236d8c9b6a43903 Size/MD5 checksum: 1490970 713ad5906467e5b90cc4a3f53f0744f3 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 44844 6b456d8c52239872cbd9f5542bff784b Size/MD5 checksum: 73664 f41bdb4eb005b8625dea2e409364ff87 Size/MD5 checksum: 1193866 808245a31a56eabf2c0e5709b8fd2428 Size/MD5 checksum: 470078 540998727df1f5c9428313f758cf884a Size/MD5 checksum: 39848 87bd4c93eb79695af218c0808a09e35a Size/MD5 checksum: 215272 4860e20d43c86f2735a31f44670618ec Size/MD5 checksum: 26668 62fb10d72d7ed01330fccf10286bbe6a Size/MD5 checksum: 184228 4e33ed1450dc3e80bebe4ba6e77a838b Size/MD5 checksum: 777292 e1e41bc61eccd7ecaea9584d38bf58e6 Size/MD5 checksum: 3850956 d5f8bcc45254c4ef6d92d080556291b5 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 182718 51b45846a45e5e82cc9e19c945a90ea5 Size/MD5 checksum: 26546 86462ca5f14e03a354f66d78a2d2cd26 Size/MD5 checksum: 213836 5ea221d730e499c8d119fadae2a10cf4 Size/MD5 checksum: 767516 609ed9d94b80fc8de162755940085083 Size/MD5 checksum: 39856 260898221c2f3d98aa4d2feea9dd8c79 Size/MD5 checksum: 44834 4888af4ae1674af7cb9f3ad0bc8ed08d Size/MD5 checksum: 3558410 71a2d6eeaf4f098991037d9591960959 Size/MD5 checksum: 465932 0b83d1e7850c8db7bbe6ba6910f277ec Size/MD5 checksum: 72646 d9d3544bf7737fd39c05fa581d7a0d09 Size/MD5 checksum: 1090376 cd526c5cebb53ccce2328f082daa74c7 powerpc architecture (PowerPC) Size/MD5 checksum: 204176 7cb6fb9fb3236cc8511d651c775d073e Size/MD5 checksum: 460872 1447cb90c1f474fd61cc9983cfa556d3 Size/MD5 checksum: 87052 d313378dd667914afa23fe31b6c05ee3 Size/MD5 checksum: 4448862 2f5163953f563c2f019c1dbc9bab43dc s390 architecture (IBM S/390) Size/MD5 checksum: 1233568 235630e792f502b5c37faae115045df9 Size/MD5 checksum: 428186 103147901d6a2cfaeff2035ff2c28288 Size/MD5 checksum: 197704 27ec7c3bd31a449d20da04226b6e468c Size/MD5 checksum: 44804 cd801280cf417fae3e179ef4fe3a66e1 Size/MD5 checksum: 848578 de7ce789ecb6c16795b931402f0b1660 Size/MD5 checksum: 4723822 97ac517c81a1d4dab7935a2be919cca7 Size/MD5 checksum: 80696 92acd50da0e8385d15aae03ffc1a0d02 Size/MD5 checksum: 229200 2441d31d47eabc618d623d32d7e13b5d Size/MD5 checksum: 39816 1cc5bd0bd313ca10b6da5724c48731c4 Size/MD5 checksum: 28226 f4847e4e43da82482df59db35202f2d2 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 3816108 f57bba921d5e899118e7fe8f5bb23f65 Size/MD5 checksum: 27342 3c40d8e2de20d5dcc598bd710af5656b Size/MD5 checksum: 40232 c2d60a1f8c2b5796274c15e4ca5a10ed Size/MD5 checksum: 79978 ad93d7013e82d2a3c00989bd52fb5439 Size/MD5 checksum: 44848 8c6c3a8de0ab991d34114ee39bf2f3db Size/MD5 checksum: 206984 57e6d5d73e1d1e7751471c0759fa5977 Size/MD5 checksum: 218028 7424acce24e5c5c0017d04030e176377 Size/MD5 checksum: 1344914 a1fab1a73f632b64a8cd65d253716481 Size/MD5 checksum: 1009372 037974812670103391815dd83fa3e0fa Size/MD5 checksum: 408546 720bec76be68d6ed4300c38c125745e1 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: debhttps://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Uncover an essential patch for Shibboleth within Debian tackling code injection weaknesses. Refresh your installations today!. Shibboleth Upgrade, Debian Security, Script Injection Fix. . Severity: Critical. LinuxSecurity.com Team

Dec 07, 2009 •Critical Debian

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Debian Buster DSA-4905-1 Critical: Shibboleth SP Denial Of Service

Ubuntu 20.04 LTS USN-4925-1 Moderate: Shibboleth Content Injection

Debian 9: DLA-2599-1 Moderate: Shibboleth SP2 Phishing Attack

Debian DSA-4872-1 Critical: Shibboleth SP Phishing Risk

Debian 7 Wheezy DLA-1179-1 Critical: Shibboleth-SP2 Plugin Error Fix

Debian: DSA-4038-1 Critical: Shibboleth Service Provider Coding Error

Debian: DSA-3207-1 Critical: Shibboleth Denial Of Service

Debian 5.0 DSA-1947-1 Critical: Shibboleth Script Injection Issue

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!