Your message dated Wed, 23 Jan 2019 11:57:25 +0100
with message-id <[email protected]>
and subject line Re: Bug#920254: liblasso3: SHA2 signatures are invalid
has caused the Debian Bug report #920254,
regarding liblasso3: SHA2 signatures are invalid
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
920254: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920254
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: liblasso3
Version: 2.5.0-5+b1
Severity: important
Dear Maintainer,
I'm using libapache2-mod-auth-mellon for providing an SAML SP which depends on
lasso. I need to use
SHA256 based signatures but those are generated wrongly because of a bug in
this version (upstream bug https://dev.entrouvert.org/issues/10019).
Version 2.5.1 fixes the problem, therefore I suggest updating to this version
or at least include the patch which fixes the problem.
Thanks!
-- System Information:
Debian Release: 9.6
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=locale: Cannot set
LC_ALL to default locale: No such file or directory
UTF-8), LANGUAGE=en_US:en (charmap=locale: Cannot set LC_ALL to default locale:
No such file or directory
UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages liblasso3 depends on:
ii libc6 2.24-11+deb9u3
ii libglib2.0-0 2.50.3-2
ii libssl1.0.2 1.0.2q-1~deb9u1
ii libxml2 2.9.4+dfsg1-2.2+deb9u2
ii libxmlsec1 1.2.23-0.1
ii libxmlsec1-openssl 1.2.23-0.1
ii libxslt1.1 1.1.29-2.1
ii zlib1g 1:1.2.8.dfsg-5
liblasso3 recommends no packages.
liblasso3 suggests no packages.
-- debconf information excluded
-- debsums errors found:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "de_AT.UTF-8",
LC_MONETARY = "de_AT.UTF-8",
LC_ADDRESS = "de_AT.UTF-8",
LC_TELEPHONE = "de_AT.UTF-8",
LC_NAME = "de_AT.UTF-8",
LC_MEASUREMENT = "de_AT.UTF-8",
LC_IDENTIFICATION = "de_AT.UTF-8",
LC_NUMERIC = "de_AT.UTF-8",
LC_PAPER = "de_AT.UTF-8",
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
--- End Message ---
--- Begin Message ---
Package: liblasso3
Version: 2.5.99-1
Hi,
Christoph Klaffl wrote:
> Package: liblasso3
> Version: 2.5.0-5+b1
> Severity: important
>
> Dear Maintainer,
>
> I'm using libapache2-mod-auth-mellon for providing an SAML SP which depends
> on lasso. I need to use
> SHA256 based signatures but those are generated wrongly because of a bug in
> this version (upstream bug https://dev.entrouvert.org/issues/10019).
> Version 2.5.1 fixes the problem, therefore I suggest updating to this version
> or at least include the patch which fixes the problem.
Version 2.6.0 is available in Debian testing already, it should be
easy to backport.
Frederic
--- End Message ---
