[Bug 1636590] Re: Security advisory for Shibboleth SP2 - need to move to v2.6.0

2018-03-19 Thread Guy Halse
FWIW the Swiss federation operator (SWITCHaai) maintains a repository with up-to-date versions of Shibboleth SP for trusty, precise, and xenial: http://pkg.switch.ch/switchaai/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bu

[Bug 1732606] Re: Shibboleth Service Provider Security Advisory [15 November 2017]

2017-11-15 Thread Guy Halse
The advisory is already public, so there's no benefit in keeping this bug report private. ** Also affects: opensaml2 (Ubuntu) Importance: Undecided Status: New

[Bug 1732606] [NEW] Shibboleth Service Provider Security Advisory [15 November 2017]

2017-11-15 Thread Guy Halse
*** This bug is a security vulnerability *** Public security bug reported: The developers of the Shibboleth SP have released a security advisory that affects all current versions of shibboleth-sp prior to V2.6.1. This includes the versions currently available for all releases of Ubuntu. The full

[Bug 1636590] Re: Security advisory for Shibboleth SP2 - need to move to v2.6.0

2017-11-15 Thread Guy Halse
** Also affects: opensaml2 (Ubuntu) Importance: Undecided Status: New

[Bug 1732606] Re: Shibboleth Service Provider Security Advisory [15 November 2017]

2017-11-16 Thread Guy Halse
The patch proposed by the Shibboleth developers is simple enough and would appear to apply to earlier versions. Indeed, the bug has already been patched in Debian stretch (2.6.0+dfsg1-4+deb9u1) and jessie (2.5.3+dfsg-2+deb8u1) which appear to be the original packages from which these derive. The De

[Bug 1732606] Re: CVE-2017-16852 Shibboleth Service Provider Security Advisory [15 November 2017]

2017-11-17 Thread Guy Halse
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-16852