-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Sep 2025 12:38:25 +0200
Source: shibboleth-sp
Binary: libshibsp-doc shibboleth-sp-common
Architecture: all
Version: 3.4.1+dfsg-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libshibsp-doc - Federated web single sign-on system (API docs)
 shibboleth-sp-common - Federated web single sign-on system (common files)
Closes: 1114506
Changes:
 shibboleth-sp (3.4.1+dfsg-2+deb12u1) bookworm-security; urgency=high
 .
   * [80ae771] New patch: SSPCPP-1014 - Extend escaping in strings.
     Fix SQL injection vulnerability in Service Provider ODBC plugin:
     specially crafted inputs can exfiltrate information stored in the
     database used by the SP.  The vulnerability is moderate to high
     severity for anyone using the ODBC plugin, and of no impact for others.
     Thanks to Scott Cantor (Closes: #1114506)
Checksums-Sha1:
 fdbd677bc8df44904c0023ae7aff3a17a82a6514 3380900 libshibsp-doc_3.4.1+dfsg-2+deb12u1_all.deb
 09ac37795179297a21a79aeef3072e627cb98701 44268 shibboleth-sp-common_3.4.1+dfsg-2+deb12u1_all.deb
 1d33218f9b047f089f84965d3e249946a0c9c2f1 11469 shibboleth-sp_3.4.1+dfsg-2+deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 cf3130c92d3305ffde0c35dcade9d5c8bba9cd1d302cbd8e1bcdd2cf7b00e38c 3380900 libshibsp-doc_3.4.1+dfsg-2+deb12u1_all.deb
 fa2890ca0dda3e0e923d9e11df4dce04fcfc6f53072771b8287f4f83be8cb66a 44268 shibboleth-sp-common_3.4.1+dfsg-2+deb12u1_all.deb
 1a60367b14a9476317c60b33ad49a17e8187b939e2cabd94cc823e8d1b2edb78 11469 shibboleth-sp_3.4.1+dfsg-2+deb12u1_all-buildd.buildinfo
Files:
 ec70f7caf404dfb41d5f24c35e7d66f0 3380900 doc optional libshibsp-doc_3.4.1+dfsg-2+deb12u1_all.deb
 5896238813e2ddaa58ec6d1f32a1c14f 44268 libs optional shibboleth-sp-common_3.4.1+dfsg-2+deb12u1_all.deb
 1b9230d06434420712fc2b0f24b22a38 11469 web optional shibboleth-sp_3.4.1+dfsg-2+deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEj4Fym5GgeZdPqKhrJm69HxMTN+oFAmi8hzQACgkQJm69HxMT
N+pDEQ//YkP5aN3hqTOW3/srVPCR+kQiB9sEWgHRbVRLRTHVrGeWtHyDoIz1ImbL
CdI2DcFrnoQJiIYiSye2vPzxYgKqYLLZdpdctlH+eBNBOAsenQ3hqMYKdTJIgy/R
XvoLnaY0tbIOk7EzX/wLDBQux3nJUxMFiw9hsP7PDdb6GlUp2F2oG1V/xRg4pSvX
8iOVSGN5QcZJqGe0HeVnIM8J7549ld1ZaADcDSfNJAHZA69nLR90F/XnIgDYL64u
5bGFMzFkLj0P/iq8Z/M6vUBFzerAEaVx7PELOjYRrAoJIOsEXnE7LIG6vVr3HBnx
XRAh5oQXUOd5+v7+Uexwe4nZO1IsSCWFckpoTlWyseHLHEFQR4qcciX7JxMNMWQC
fcfsdsfGQyncvnTj4XFAQXDekLtnxVF3M9JAsOHEz5QF3hqOB10N0QUEPQoNfjzT
lIAJlh8BUTZaCOOnd4/7AS9ZmD1vggR7FkV59U/M9i2m3D4j3LW0VfcbzQPqfn01
BSHoUzwElC1g3tNoZ85BaCMgOw5v2n815qVMvvMuOCzk+17TiawXbEnYjLpniRPZ
J8pyMRF1qqiBlBF2NZJ0gLX/bXGTR3PFTRSMtMWt6wMwXpicvwE2P6ZogcIgJOsl
V1vjXXnGGTpDeKTLgwnvxDqTEJceeSTHVtj33pq7aCyX56IwJes=
=vAwq
-----END PGP SIGNATURE-----