Security fixes for opensaml2 and xmltooling
Florian Weimer
fw at deneb.enyo.de
Wed Sep 23 19:52:11 UTC 2009
* Russ Allbery:
>> I'm not sure if the opensaml2 part has to go through security-master.
>> If we fix this part through stable-proposed-updates, we should be able
>> to get the fix for shibboleth-sp2 by requesting a binNMU.
>
>> What do you think?
>
> I concur -- my sense is that the problem with properly processing key use
> limitations is rare and won't matter for most sites (if for no other
> reason than that it assumes a level of care about how X.509 certificates
> are used that I rarely see in practice).
Good. So you should move this to debian-release. I don't think you
need to wait for the xmltooling update.
More information about the Pkg-shibboleth-devel
mailing list