Univention Bugzilla – Bug 43783
Upgrade simplesamlphp version
Last modified: 2017-04-04 18:29:38 CEST
There are 3 security vulnerabilities in simplesamlphp, fixed in debian stretch but not in wheezy/jessy: https://simplesamlphp.org/security/201612-01 https://simplesamlphp.org/security/201612-02 https://simplesamlphp.org/security/201612-03 We should upgrade our simplesamlphp package in UCS 4.2. Backport to 4.1 as well?
The version from stretch has been imported: """ Target Release: RelTag(major=4, minor=2, subminor=0, updatelevel=0, product='ucs', id=78) Merging possible patches from preversions A /tmp/tmpnjY4ZH/1.13.2-1 Checked out revision 17388. Merging patch from 1.13.2-1 A 1.14.11-1 Adding 1.14.11-1 Committed revision 17389. Writing new source revision to database Pruning older revisions in this release tag: 1.13.2-1 Merged id 83434 into release 4.2-0-0 Imported from deb suite=stretch Old Source Revision has been replaced: 75033 New Source Revision: 83434 """ The memcache patch has been removed as it is part of upstream: r17390 | Bug #43783: remove patch The Nutzername → Benutzername patch has been rebased: r17391 | Bug #43783: adjust patch Package: simplesamlphp Version: 1.14.11-1A~4.2.0.201703101201
Changed also the dependency from "php" to "php5" and restored dependency from previous version: r17392 | Bug #43783: fix PHP dependencies
OK: simplesamlphp update reopen: changelog entry missing
r77703 | Bug #43783: Changelog
Thanks, verified
*** Bug 43873 has been marked as a duplicate of this bug. ***
UCS 4.2 has been released: https://docs.software-univention.de/release-notes-4.2-0-en.html https://docs.software-univention.de/release-notes-4.2-0-de.html If this error occurs again, please use "Clone This Bug".