-------------------------------------------------------------------------
Debian Security Advisory DSA-5879-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 16, 2025                        https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : opensaml
CVE ID         : not yet available

Alexander Tan discovered that the OpenSAML C++ library was susceptible
to forging of signed SAML messages.

For additional details please refer to the upstream advisory at
https://shibboleth.net/community/advisories/secadv_20250313.txt

For the stable distribution (bookworm), this problem has been fixed in
version 3.2.1-3+deb12u1.

We recommend that you upgrade your opensaml packages.

For the detailed security status of opensaml please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/opensaml

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org