[ubuntu/focal-security] shibboleth-sp 3.0.4+dfsg1-1ubuntu0.2 (Accepted)

Avital Ostromich avital.ostromich at canonical.com
Tue Jul 20 01:24:00 UTC 2021


shibboleth-sp (3.0.4+dfsg1-1ubuntu0.2) focal-security; urgency=high

  * SECURITY UPDATE: Session recovery feature contains a null pointer
    deference (LP: #1926250)
    - debian/patches/SSPCPP-927-Check-for-missing-DataSealer-during-cookie-
      rec.patch: Check for missing DataSealer during cookie recovery
    - https://shibboleth.net/community/advisories/secadv_20210426.txt
    - https://issues.shibboleth.net/jira/browse/SSPCPP-927
    - CVE-2021-31826

Date: 2021-07-02 19:14:09.879038+00:00
Changed-By: Etienne Dysli Metref <etienne.dysli-metref at switch.ch>
Signed-By: Avital Ostromich <avital.ostromich at canonical.com>
https://launchpad.net/ubuntu/+source/shibboleth-sp/3.0.4+dfsg1-1ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list