Package: shibboleth-sp2 / 2.5.3+dfsg-2
Metadata
Package | Version | Patches format |
---|---|---|
shibboleth-sp2 | 2.5.3+dfsg-2 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
0001 Improve shibd init script.patch | (download) |
configs/shibd-debian.in |
143 115 + 28 - 0 ! |
improve shibd init script Convert to use the LSB functions and be more formally correct about exit status, startup and shutdown checking, and so forth. Run shibd as the _shibd user and group if they can read the local private key. Add a status command. |
0002 keygen improvements for Debian.patch | (download) |
configs/keygen.sh |
9 8 + 1 - 0 ! |
keygen improvements for debian Generate the key owned by _shibd to work with the Debian user configuration for the shibd daemon. Pass --fqdn to the hostname command when determining the default identity for better certificate names. |
0003 Avoid libtool silent flag.patch | (download) |
configure.ac |
3 2 + 1 - 0 ! |
avoid libtool --silent flag For Debian builds, we want to see all the compiler flags so that build log analysis has all available data. Disable adding --silent to the libtool flags in configure.ac. |
0004 Shire log path for Debian.patch | (download) |
configs/Makefile.am |
2 1 + 1 - 0 ! |
shire log path for debian Change the Apache module log path to /var/log/apache2, used on Debian, from the Red Hat /var/log/httpd. |
0005 Default native logger to syslog.patch | (download) |
configs/native.logger.in |
44 30 + 14 - 0 ! |
default native logger to syslog Rather than generating a separate log in /var/log/apache2 by default, which needs permissions and rotation management, default the native.logger configuration to using syslog. |
0006 Remove WSTrust schema references.patch | (download) |
schemas/Makefile.am |
3 1 + 2 - 0 ! |
remove wstrust schema references The WSTrust schema is under a non-DFSG license and therefore isn't installed in the Debian package or included in the source package. Remove the references to it in the build system and schema catalog. |
0007 Security fix from V2.5.4 for CVE 2015 2684.patch | (download) |
shibsp/handler/impl/SAML2Consumer.cpp |
4 4 + 0 - 0 ! |
security fix from v2.5.4 for cve-2015-2684 Shibboleth SP software crashes on malformed input messages =============================================================== The SP software includes an authenticated denial of service vulnerability that results in a crash on certain kinds of malformed SAML messages. The vulnerability is only triggered when special conditions are met and after a message or assertion signature has been verified, so exploitation requires a message produced under a trusted key, limiting the impact. URL for the full Security Advisory: https://shibboleth.net/community/advisories/secadv_20150319.txt |