changes_fields:
Architecture: all
Binary: libshiro-java
Changed-By: "Roberto C. S\xE1nchez <roberto@debian.org>"
Changes: |2-
shiro (1.3.2-5) unstable; urgency=medium
.
* Team upload.
* Update patch for Spring Framework 4.3.x build failure.
* Cherry-pick upstream patch with Guice improvements.
* CVE-2020-1957: Fix a path-traversal issue where a specially-crafted request
could cause an authentication bypass. (Closes: #955018)
* CVE-2020-11989: Fix an encoding issue introduced in the handling of the
previous CVE-2020-1957 path-traversal issue which could have also caused an
authentication bypass.
* CVE-2020-13933: Fix an authentication bypass resulting from a specially
crafted HTTP request. (Closes: #968753)
* CVE-2020-17510: Fix an authentication bypass resulting from a specially
crafted HTTP request.
Checksums-Sha1:
- name: libshiro-java_1.3.2-5_all.deb
sha1: 2a6f24e47323402ed55d83a7c7ee5a9320d167c9
size: '576040'
- name: shiro_1.3.2-5_arm64.buildinfo
sha1: c4d1529cc11aa28cf99341521a503da1691561a6
size: '14451'
Checksums-Sha256:
- name: libshiro-java_1.3.2-5_all.deb
sha256: 6ec7d102f9cb8125314e37aba6138d71010f4998e17e2b2b275c6177bdcc1088
size: '576040'
- name: shiro_1.3.2-5_arm64.buildinfo
sha256: a4c132cba42f2f3a14a899bf286a409d62423c3b9c7a78c6d92f9d1bb3c793c4
size: '14451'
Closes: 955018 968753
Date: Fri, 27 Aug 2021 13:10:19 -0400
Description: |2-
libshiro-java - Apache Shiro - Java Security Framework
Distribution: sid
Files:
- md5sum: a5f3714ce94f523bb662587f9e22203d
name: libshiro-java_1.3.2-5_all.deb
priority: optional
section: java
size: '576040'
- md5sum: 4a12a5f45efb27b0b18ffbd7b3dc3f47
name: shiro_1.3.2-5_arm64.buildinfo
priority: optional
section: java
size: '14451'
Format: '1.8'
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Source: shiro
Urgency: medium
Version: 1.3.2-5
type: dpkg