lp:debian/wheezy/simplesamlphp
- Get this branch:
- bzr branch lp:debian/wheezy/simplesamlphp
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 14. By Thijs Kinkhorst
-
New upstream security release:
Fix possible issue in PKCS 1.5 encryption when a key is
correctly decrypted but its length is not the one expected. - 13. By Thijs Kinkhorst
-
New upstream security release:
Fix for an attack against PKCS 1.5 in XML encryption. - 10. By Thijs Kinkhorst
-
* New upstream release candidate.
- Addresses PHP 5.4 compatibility (closes: #658875).
* Update for Apache 2.4 (closes: #669795).
* Checked for policy 3.9.3. - 8. By Thijs Kinkhorst
-
* New upstream release. Fixes security issues:
- It may be possible to use an SP as a oracle to decrypt
encrypted messages sent to that SP. This is the attack
described in the paper "How to break XML encryption":
http://dx.doi. org/10. 1145/2046707. 2046756
- It may be possible to use the SP as a key oracle which
can be used to forge messages from that SP by issuing
300000-2000000 queries to the SP. This mainly affects
SPs that use signed authentication requests. The attack
is described in "Chosen Ciphertext Attacks Against
Protocols Based on the RSA Encryption Standard PKCS #1.":
http://www.iacr. org/cryptodb/ data/paper. php?pubkey= 1037 - 6. By Thijs Kinkhorst
-
Install all config files that simpleSAMLphp ships in config/ under
our /etc/simplesamlphp/ (closes: #610973).
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:debian/simplesamlphp