Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-4038-1:D9580
HistoryNov 16, 2017 - 9:27 p.m.

[SECURITY] [DSA 4038-1] shibboleth-sp2 security update

2017-11-1621:27:30
lists.debian.org
14

EPSS

0.004

Percentile

75.0%

JSON

Debian Security Advisory DSA-4038-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
November 16, 2017 https://www.debian.org/security/faq

Package : shibboleth-sp2
CVE ID : CVE-2017-16852
Debian Bug : 881857

Rod Widdowson of Steading System Software LLP discovered a coding error
in the "Dynamic" metadata plugin of the Shibboleth Service Provider,
causing the plugin to fail configuring itself with the filters provided
and omitting whatever checks they are intended to perform.

For the oldstable distribution (jessie), this problem has been fixed
in version 2.5.3+dfsg-2+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 2.6.0+dfsg1-4+deb9u1.

We recommend that you upgrade your shibboleth-sp2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9i386libshibsp7-dbgsym< 2.6.0+dfsg1-4+deb9u1libshibsp7-dbgsym_2.6.0+dfsg1-4+deb9u1_i386.deb
Debian8kfreebsd-amd64libapache2-mod-shib2< 2.5.3+dfsg-2+deb8u1libapache2-mod-shib2_2.5.3+dfsg-2+deb8u1_kfreebsd-amd64.deb
Debian9mips64ellibshibsp-dev< 2.6.0+dfsg1-4+deb9u1libshibsp-dev_2.6.0+dfsg1-4+deb9u1_mips64el.deb
Debian9armhflibshibsp7< 2.6.0+dfsg1-4+deb9u1libshibsp7_2.6.0+dfsg1-4+deb9u1_armhf.deb
Debian9armhflibshibsp7-dbgsym< 2.6.0+dfsg1-4+deb9u1libshibsp7-dbgsym_2.6.0+dfsg1-4+deb9u1_armhf.deb
Debian9i386shibboleth-sp2-utils< 2.6.0+dfsg1-4+deb9u1shibboleth-sp2-utils_2.6.0+dfsg1-4+deb9u1_i386.deb
Debian9mips64ellibapache2-mod-shib2< 2.6.0+dfsg1-4+deb9u1libapache2-mod-shib2_2.6.0+dfsg1-4+deb9u1_mips64el.deb
Debian9ppc64ellibshibsp-plugins-dbgsym< 2.6.0+dfsg1-4+deb9u1libshibsp-plugins-dbgsym_2.6.0+dfsg1-4+deb9u1_ppc64el.deb
Debian9armellibshibsp7-dbgsym< 2.6.0+dfsg1-4+deb9u1libshibsp7-dbgsym_2.6.0+dfsg1-4+deb9u1_armel.deb
Debian9arm64libshibsp7-dbgsym< 2.6.0+dfsg1-4+deb9u1libshibsp7-dbgsym_2.6.0+dfsg1-4+deb9u1_arm64.deb
Rows per page:
1-10 of 1721

Related

suse 2
debian 2
openvas 4
ubuntucve 1
osv 3
nessus 4
prion 1
debiancve 1
cvelist 1
cve 1
nvd 1
suse
suse
Security update for shibboleth-sp (important)
2017-12-07 03:06:51
Security update for shibboleth-sp (important)
2017-12-05 21:10:58
debian
debian
[SECURITY] [DSA 4038-1] shibboleth-sp2 security update
2017-11-16 21:27:30
[SECURITY] [DLA 1179-1] shibboleth-sp2 security update
2017-11-18 20:24:33
openvas
openvas
openSUSE: Security Advisory for shibboleth-sp (openSUSE-SU-2017:3229-1)
2017-12-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:3215-1)
2021-04-19 00:00:00
Debian: Security Advisory (DSA-4038-1)
2017-11-15 00:00:00
ubuntucve
ubuntucve
CVE-2017-16852
2017-11-16 00:00:00
osv
osv
shibboleth-sp2 - security update
2017-11-18 00:00:00
shibboleth-sp2 - security update
2017-11-16 00:00:00
libshibsp-lite10-3.2.3-1.2 on GA media
2024-06-15 00:00:00
nessus
nessus
Debian DLA-1179-1 : shibboleth-sp2 security update
2017-11-20 00:00:00
openSUSE Security Update : shibboleth-sp (openSUSE-2017-1348)
2017-12-14 00:00:00
SUSE SLES12 Security Update : shibboleth-sp (SUSE-SU-2017:3215-1)
2017-12-06 00:00:00
prion
prion
Security feature bypass
2017-11-16 17:29:00
debiancve
debiancve
CVE-2017-16852
2017-11-16 17:29:00
cvelist
cvelist
CVE-2017-16852
2017-11-16 17:00:00
cve
cve
CVE-2017-16852
2017-11-16 17:29:00
nvd
nvd
CVE-2017-16852
2017-11-16 17:29:00

EPSS

0.004

Percentile

75.0%

JSON
Related for DEBIAN:DSA-4038-1:D9580
suse2debian2openvas4ubuntucve1osv3nessus4prion1debiancve1cvelist1cve1nvd1