Shibboleth-SP 3.0.4 update
wferi at niif.hu
wferi at niif.hu
Fri Mar 15 08:16:40 GMT 2019
"Cantor, Scott" <cantor.2 at osu.edu> writes:
> On 3/13/19, 8:47 AM, "Pkg-shibboleth-devel on behalf of Etienne Dysli Metref" <pkg-shibboleth-devel-bounces+cantor.2=osu.edu at alioth-lists.debian.net on behalf of etienne.dysli-metref at switch.ch> wrote:
>
>> I think we should try and get the new version in buster, that would
>> be better, also for stretch-backports. If the Release Team disagrees,
>> then just ship a patch.
>
> I'd certainly appreciate it if that's possible. The less divergence
> there is with what's officially released and what's available in
> Debian is best, so If there's something I can do to assist, let me
> know.
XMLTooling 3.0.4 was unblocked as-is, hurray.
OpenSAML 3.0.1 does not seem to bring important changes, so I'd leave it
alone if you agree.
The SP patches are a mixed bunch, though. The boost::bind() changes are
familiar and theoretically important, as I understand. The _shibpost
cookie limit sounds somewhat niche, though, and if it "randomly breaks
in tabbed situations", them I'm hesitant to push it. The copy of the
<SSO> attributes is handy... Is it something one can work around by
speeling out the individual SessionInitiators? I don't get the part
about the MessageEncoders. Finally, the exception handling -- I guess
the documentation allows for these exceptions, and you can't rule out
them actually happening, so you'd better handle them, right?
I'll ask the Release Team about this, but first I want to make sure I've
got an approximate idea about the meaning of the changes.
--
Feri
More information about the Pkg-shibboleth-devel
mailing list