-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Sep 2025 12:38:25 +0200
Source: shibboleth-sp
Architecture: source
Version: 3.4.1+dfsg-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@alioth-lists.debian.net>
Changed-By: Ferenc Wágner <wferi@debian.org>
Closes: 1114506
Changes:
 shibboleth-sp (3.4.1+dfsg-2+deb12u1) bookworm-security; urgency=high
 .
   * [80ae771] New patch: SSPCPP-1014 - Extend escaping in strings.
     Fix SQL injection vulnerability in Service Provider ODBC plugin:
     specially crafted inputs can exfiltrate information stored in the
     database used by the SP.  The vulnerability is moderate to high
     severity for anyone using the ODBC plugin, and of no impact for others.
     Thanks to Scott Cantor (Closes: #1114506)
Checksums-Sha1:
 ee2cb5feba6987b6f6fd0bbee2d61a31d0bda9c3 2901 shibboleth-sp_3.4.1+dfsg-2+deb12u1.dsc
 b2ae88bd22c8fd1700d25168e576c175ab74e6b6 649532 shibboleth-sp_3.4.1+dfsg.orig.tar.xz
 a1351ab9f8dbc528459f0b3803d7c5e7be86548b 41772 shibboleth-sp_3.4.1+dfsg-2+deb12u1.debian.tar.xz
 6f7d3389ab7c65937009250d24fa3a886f8cc76c 14912 shibboleth-sp_3.4.1+dfsg-2+deb12u1_amd64.buildinfo
Checksums-Sha256:
 1f319cce83b77f65ff4d2910905124c290bfbf07b4b88b86f1789f930039d472 2901 shibboleth-sp_3.4.1+dfsg-2+deb12u1.dsc
 f7f4736ab66d08ae94b861adf3ddd15ad5fbe0ace1010a2bd2c0d32a92f9f047 649532 shibboleth-sp_3.4.1+dfsg.orig.tar.xz
 43841e7713c85dc52c0cce6de685905a35c4d7a98c0c2aefab24d611b5a3a345 41772 shibboleth-sp_3.4.1+dfsg-2+deb12u1.debian.tar.xz
 cb7b15a82d9f4c043839bcaa9ec9c83f773a04ad352bc9f6d1e3ee85072ccd6f 14912 shibboleth-sp_3.4.1+dfsg-2+deb12u1_amd64.buildinfo
Files:
 74d57c102283bd32d5b97dacff04ac7f 2901 web optional shibboleth-sp_3.4.1+dfsg-2+deb12u1.dsc
 12d5d61f37a0fc6a55c63fa71ff9037c 649532 web optional shibboleth-sp_3.4.1+dfsg.orig.tar.xz
 41f6b26ab6ae9464b75d901bdc08d178 41772 web optional shibboleth-sp_3.4.1+dfsg-2+deb12u1.debian.tar.xz
 2b8629611595685a7baa38ec2b1ab271 14912 web optional shibboleth-sp_3.4.1+dfsg-2+deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwddEx0RNIUL7eugtOsj3Fkd+2yMFAmi8EmcACgkQOsj3Fkd+
2yOWZRAAn1hJCcLoziCPY/12/kIZnqE6XnAzBR7TZE4fssK+uFLExPBkwtRJ+FUQ
d1bayBqKhturzucycFZZcnVxrHa0bbF4jbm690erodoF+Y9jdGtIv9htSrtCupBi
vYVHudm2MSOgXDb+yNUZmeBYtStSNbiybLK4rI8hXzuPXu1YvXBhxkP/SzWHrp8+
4+myyeaoQxe87Xt3ny9FOeNcCbQWW4HtC+1dlF06QPNjXNE4HNqraxJ6nXBuN3a8
g1YTJD8w3xwL7ziEFmWD0wAxqySgk34uDxZYTn5TXTmHmV0k6omDuJQa1BBhCSOO
qIgx9upqt9AUiC5MiTGnzLAXxlgtokGOohG/i7ZjEc9IeRZFjVu/EPbZZXukSFmM
AabhjvQeKE2W3iCK9zRizneH5LrxAtCcbjIH3LFSRU2j92Jq1jufbDEr4O9JbZjO
euIpelZ74uyyvg7h85vZ35lv4RgAz9by02YhDx/yeGirMqNcQZJ1oPsTe5X5Rgfi
fuYbUOLaHgGY5lgudtahDZDf1gH1Bo3pvByL5K8m+wbwIzahU3GFah4l8at8nGmy
tOLagO789Rh88mR79hMxcS5hNbbsY1cByltktRzJxEZy63ng404PSoqsPI3Gus+d
vlKoBqrWLds6S2LcFaypqpQ3J/pD9iyMDOsYKY8zzgGYNFJrsz8=
=PZWK
-----END PGP SIGNATURE-----