"Cantor, Scott" <cantor.2 at osu.edu> writes: > FWIW, a 2.0.2 should be out today. Hi Scott, http://santuario.apache.org/ states that 2.0.2 fixes a crash similar to the one fixed by 2.0.1. This latter was a DoS vector in Shibboleth, but I can't see a security advisory now; does this mean that SANTUARIO-496 is not exploitable? -- Thanks, Feri