subject:"Bug#555608\: CVE\-2009\-3300"

Bug#555608: CVE-2009-3300

2009-11-10 Thread Giuseppe Iuculano

Package: shibboleth-sp2 Severity: serious Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities Exposures) id was published for shibboleth-sp2. CVE-2009-3300[0]: | Multiple cross-site scripting (XSS) vulnerabilities in the Identity |

Bug#555608: CVE-2009-3300

2009-11-10 Thread Russ Allbery

Giuseppe Iuculano iucul...@debian.org writes: the following CVE (Common Vulnerabilities Exposures) id was published for shibboleth-sp2. CVE-2009-3300[0]: | Multiple cross-site scripting (XSS) vulnerabilities in the Identity | Provider (IdP) 1.3.x before 1.3.4 and 2.x before 2.1.5, and the