xml-security-c 2.0.1-1 stretch backport [was: Re: shibboleth-sp 3.x package sources?]

Cantor, Scott cantor.2 at osu.edu
Fri Nov 2 14:02:53 GMT 2018

On 11/2/18, 9:48 AM, "Pkg-shibboleth-devel on behalf of Etienne Dysli Metref" <pkg-shibboleth-devel-bounces+cantor.2=osu.edu at alioth-lists.debian.net on behalf of etienne.dysli-metref at switch.ch> wrote:

> I suppose forcing xml-security-c 2 to build with xerces-c 3.1 is a bad idea, isn't it?

I don't think there are real dependencies, I did it to make a point about the state of Xerces more than anything else, and because it simplified my job making sure my packages weren't accidentally pulling in Red Hat's broken, insecure version of 3.1.

FWIW, a 2.0.2 should be out today.

-- Scott

More information about the Pkg-shibboleth-devel mailing list