Matthew Vernon uploaded new packages for shibboleth-sp which fixed the
following security problems:
CVE-2015-2684
A denial of service vulnerability was found in the Shibboleth (a
federated identity framework) Service Provider. When processing
certain malformed SAML messages generated by an authenticated
attacker, the daemon could crash.
For the wheezy-backports distribution the problems have been fixed in
version 2.5.3+dfsg-2~bpo70+1.