[SCM] Debian packaging for OpenSAML 2.0 branch, debian, updated. upstream/2.2.1-66-gbe0e55e
rra at debian.org
Fri Nov 6 23:13:16 UTC 2009
The following commit has been merged in the debian branch:
Author: Russ Allbery <rra at debian.org>
Date: Fri Nov 6 15:09:10 2009 -0800
Add initial changelog for 2.3-1
diff --git a/debian/changelog b/debian/changelog
index d420552..5a2cb13 100644
@@ -1,3 +1,19 @@
+opensaml2 (2.3-1) unstable; urgency=high
+ * Urgency set to high for security fix.
+ * New upstream release.
+ - SECURITY: Partial fix for improper handling of URLs that could be
+ abused for script injection and other cross-site scripting attacks.
+ The complete fix also requires newer xmltooling and shibboleth-sp2
+ packages. (CVE-2009-3300)
+ - Fix crash on assertions with missing SubjectConfirmation.
+ - Remove inline functions except for templates or RAII patterns.
+ - Remove xml from the inclusive prefix list to avoid bugs in Apache
+ Java xmlsec.
+ - Honor digest algorithm in whole document signing with empty URI.
+ -- Russ Allbery <rra at debian.org> Fri, 06 Nov 2009 15:09:04 -0800
opensaml2 (2.2.1-1) unstable; urgency=low
* New upstream release.
Debian packaging for OpenSAML 2.0
More information about the Pkg-shibboleth-devel