Security fixes for opensaml2 and xmltooling
Russ Allbery
rra at debian.org
Wed Sep 23 20:00:25 UTC 2009
Florian Weimer <fw at deneb.enyo.de> writes:
> * Russ Allbery:
>> I concur -- my sense is that the problem with properly processing key use
>> limitations is rare and won't matter for most sites (if for no other
>> reason than that it assumes a level of care about how X.509 certificates
>> are used that I rarely see in practice).
> Good. So you should move this to debian-release. I don't think you
> need to wait for the xmltooling update.
Okay, will do. Thank you very much for all of your help with this.
A patch for opensaml and shibboleth-sp to address the same issues in the
1.x version of Shibboleth (including the same URL decoding issue) will be
coming shortly.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-shibboleth-devel
mailing list