| Release | Version |
|---|---|
| jessie | 1.5.3-2+deb8u5 |
| stretch | 1.6.0-4+deb9u2 |
| buster | 3.0.4-1+deb10u2 |
| bullseye | 3.2.0-3+deb11u1 |
| bookworm | 3.2.3-1+deb12u1 |
| trixie | 3.2.4-2.1 |
| sid | 3.2.4-2.1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-36661 | fixed | vulnerable | fixed | fixed | fixed | fixed | fixed | Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth ... |
| Bug | Description |
|---|---|
| CVE-2019-9628 | The XMLTooling library all versions prior to V3.0.4, provided with the ... |
| CVE-2018-0489 | Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Pr ... |
| CVE-2018-0486 | Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Pr ... |
| CVE-2015-0851 | XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Servic ... |
| CVE-2009-3476 | Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibbole ... |
| CVE-2009-3475 | Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and ... |
| CVE-2009-3474 | OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by ... |
| DSA / DLA | Description |
|---|---|
| ELA-877-1 | xmltooling - security update |
| DLA-3464-1 | xmltooling - security update |
| DSA-5432-1 | xmltooling - security update |
| DLA-1710-1 | xmltooling - security update |
| ELA-92-1 | xmltooling - security update |
| DSA-4407-1 | xmltooling - security update |
| DLA-1296-1 | xmltooling - security update |
| DSA-4126-1 | xmltooling - security update |
| DLA-1242-1 | xmltooling - security update |
| DSA-4085-1 | xmltooling - security update |
| DLA-290-1 | xmltooling - security update |
| DSA-3321-1 | xmltooling - security update |
| DSA-1895-1 | xmltooling - potential code execution |