Tags: security upstream fixed-upstream
the following vulnerability was published for libopensaml2-java. Note
that I don't know libopensaml2-java well enough, so could you assess
if this affeccts Debian as well, and if the severity is approriate (if
not please feel free to downgrade it). Information follows:
PKIX Trust Engines Exhibit Critical Flaw In Trusted Names Evaluation
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
This is the maintainer address of Debian's Java team
debian-j...@lists.debian.org for discussions and questions.