Information on source package shibboleth-sp

Available versions

ReleaseVersion
bullseye3.2.2+dfsg1-1
bookworm3.4.1+dfsg-2
trixie3.5.0+dfsg-2
sid3.5.0+dfsg-2

Open unimportant issues

BugbullseyebookwormtrixiesidDescription
CVE-2019-19191vulnerablevulnerablevulnerablevulnerableShibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file ...

Resolved issues

BugDescription
CVE-2023-22947Insecure folder permissions in the Windows installation path of Shibbo ...
CVE-2021-31826Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointe ...
CVE-2021-28963Shibboleth Service Provider before 3.2.1 allows content injection beca ...
CVE-2010-2450The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/s ...
CVE-2009-3476Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibbole ...
CVE-2009-3475Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and ...
CVE-2009-3474OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by ...
CVE-2009-3300Multiple cross-site scripting (XSS) vulnerabilities in the Identity Pr ...

Security announcements

DSA / DLADescription
DSA-4905-1shibboleth-sp - security update
DSA-4872-1shibboleth-sp - security update
DSA-1947-1opensaml2 shibboleth-sp shibboleth-sp2 - cross-site scripting
DSA-1896-1opensaml shibboleth-sp - potential code execution
Search for package or bug name: Reporting problems