-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 15 Sep 2024 17:56:19 +0200
Source: ruby-saml
Architecture: source
Version: 1.13.0-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1081560
Changes:
 ruby-saml (1.13.0-1+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * SAML authentication bypass via Incorrect XPath selector (CVE-2024-45409)
     (Closes: #1081560)
Checksums-Sha1:
 1f039acf18feb07bc25882e42c1d1e0046852e2b 2230 ruby-saml_1.13.0-1+deb12u1.dsc
 c2ac6adc68060a610e1a4d0c33215f05637161a2 70190 ruby-saml_1.13.0.orig.tar.gz
 f85c9eb9fa4329f85f1341f2c930e45759a1aab0 10468 ruby-saml_1.13.0-1+deb12u1.debian.tar.xz
 9fc9698c4a6ba79d06e6c14674e4fe096609aa9e 7227 ruby-saml_1.13.0-1+deb12u1_source.buildinfo
Checksums-Sha256:
 f99f665258e24d1bfb1478dfba8b7706b4b7664563cec22eaf08da7f31689002 2230 ruby-saml_1.13.0-1+deb12u1.dsc
 f8a0782481a6fd36a902d2b2001054473226189dbc33dcded27fb483d47bd102 70190 ruby-saml_1.13.0.orig.tar.gz
 68d980ea94dc39e612f4749f653a790fa1536d6c224b7c1bb4fb8c02f6529940 10468 ruby-saml_1.13.0-1+deb12u1.debian.tar.xz
 2e1bcb2aa9497f9b34cb3083b7cc1fe75a9b9775aaafb0a32a6c4cc686d82102 7227 ruby-saml_1.13.0-1+deb12u1_source.buildinfo
Files:
 d26ef3ff8e26de19d9e5d6560548d0ee 2230 ruby optional ruby-saml_1.13.0-1+deb12u1.dsc
 f81e8b13bb5fe0833b6b5ee09cb0d224 70190 ruby optional ruby-saml_1.13.0.orig.tar.gz
 c18068977cce871ee08634bc0cf0ed37 10468 ruby optional ruby-saml_1.13.0-1+deb12u1.debian.tar.xz
 eee50683702c01d485079679a419f7d4 7227 ruby optional ruby-saml_1.13.0-1+deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmbnBAJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EDkYP/3sLy6A2IfifMBsJdCJarkMjBZRi95Y/
R9R9nm1x+DvFdpULIxRyY5jQ85UpDRFYvsJLpRNcuBuk6Bk9Q5Ki4PuvjCuE5lug
3MpiAWUpmMaB3cCHlNTWMJ+r4sV3J3xVQXT7nV7UHtZl4R6XcU/RkbW/1sEvDQP7
T5riKsAUiElxQxWpXdku84RCuluLU9YgrRFJWPOV5Dw4dhkeJQDZMK3D+NBdClH3
JRn9wsU8MzxxhWv7oEkW41IyYIuOZXeMojFFrZpQBUIlN/KOcjwQA+SpgD2ET4pw
pYiGQxgc9WxicOI1wqbNAvdxNfQmPcNwYbaNlN2ShgvMEFydp5NET0KzQWuHQxWQ
ZHLTkE0kAu8wWIuPF1tFCUGM9LqigtqeHHH/f2KnS01v/IeEKlPSVaknqnYNiT1r
azzNvj5AubR82hp7VOZAvCWP9aRHXbHFnyajqtCIWNd/GS/ul4UfYmX04T6rafpB
i8twaGD2CzAtO2cQdkmqIj+lTIz1tsROEZtV0XM9alLH+qUTv96ewpyY9IGzXtkJ
y4rzcV37lJvA/aCS1+9DdRVu6E/HWOu1tGO1MpSrbzdoCqzKsx9y7TR0hX0tMf42
nbmJXREhQNHnJcMr5BxAfnN3KU+1tZkK4CpQ/kB1M+g4W79K7R2p9Ftnzsp2GvJE
m3Xb3X1GuPEI
=pTOD
-----END PGP SIGNATURE-----