Moritz Mühlenhoff <j...@inutil.org> writes: > Please build with -sa (as the tarball is new in stretch-security) and > upload to security-master.
Source-only upload done, with orig tarball but without buildinfo. Hope it's fine. Unfortunately the CVE hasn't arrived yet; I'll forward it to you once it does. My acknowledgement mail is of subject "CVE Request 548000 for CVE ID Request" from cve-requ...@mitre.org (just for the record). The corresponding upstream security advisory has just come out: https://shibboleth.net/community/advisories/secadv_20180803.txt -- Thanks, Feri
