Proposed security patch for opensaml2
Russ Allbery
rra at debian.org
Wed Sep 23 01:49:10 UTC 2009
"Scott Cantor" <cantor.2 at osu.edu> writes:
> Russ Allbery wrote on 2009-09-22:
>> This one is much smaller. I think this is all that's required for the 2.x
>> series. (I'm working on security patches for the 1.x series now.)
> I'll start here since it's a smaller set.
> The fix for the "use" bug is the diff you included to
> MetadataCredentialCriteria.h, so you're good there.
>> * Include fix for https://bugs.internet2.edu/jira/browse/CPPOST-7
> This bug is something different and is not really a security fix, more
> an interop thing. Are you including it? If so, I didn't see that diff
> included, so I wasn't sure.
That's the top entry of the previous changelog and wasn't part of this
diff. The context that the changelog diff generated ended up being a bit
confusing.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-shibboleth-devel
mailing list