Source: libopensaml2-java
Version: 2.6.2-1
Severity: grave
Tags: security upstream fixed-upstream


the following vulnerability was published for libopensaml2-java. Note
that I don't know libopensaml2-java well enough, so could you assess
if this affeccts Debian as well, and if the severity is approriate (if
not please feel free to downgrade it). Information follows:

PKIX Trust Engines Exhibit Critical Flaw In Trusted Names Evaluation

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:



This is the maintainer address of Debian's Java team
Please use for discussions and questions.

Reply via email to