Bug#1007740: curl breaks xmltooling autopkgtest

On 3/15/22, 8:08 PM, "Daniel Stenberg" wrote: >This is probably the same issue as Bug #1007739. Triggered by a bug in > curl >for CN-only certificates: Ah, probably is. This vhost does use a self-signed cert with a CN only, not Let's Encrypt, and I can't think why else it would be

Bug#1007740: curl breaks xmltooling autopkgtest

I would speculate that this isn't caused by curl, but by openssl bumping. I reproduced the test failure on a Mac, and the change log for openssl 3.0.2 includes a very suspicious incompatible change to a critical function. I need to dig into it, and I don't know when that will be at this point.

Bug#1007740: curl breaks xmltooling autopkgtest

Looking more closely, I'm going to hope curl is at fault and that this is actually "just" a CA list issue. It's very unusual for any of this code to rely on "default" trust store handling but I'm wondering if this code is tripping on that for some reason. If so, it's likely due to the Let's

Bug#915007: opensaml2 FTBFS with xmltooling 3

On 12/1/18, 4:48 AM, "Pkg-shibboleth-devel on behalf of wf...@niif.hu" wrote: > Please let me know if you need any help; for example I can see that > version 3 of the resolver uses pkg-config for finding the SP, which is > cool in principle but nobody tested it in Debian yet, so that may >

Bug#915044: shibboleth-resolver FTBFS with new log4shib/xmltooling/shibboleth-sp stack

The resolver library upstream has already been updated to reflect all these necessary changes so you're just duplicating that work. -- Scott

Bug#859829: bump

> Scott, have you perhaps got a new estimate for the timing of the 3.0 release? Summer probably. -- Scott

Bug#881857: add CVE

On 11/17/17, 11:48 AM, "Pkg-shibboleth-devel on behalf of Ferenc Wágner" wrote: > Now, this is still ongoing: > https://release.debian.org/transitions/html/auto-xerces-c.html > The upstream fixes

Bug#844263: libxml-security-c-dev: depending on libssl1.0-dev breaks open-vm-tools

> It's worth noting that Apache also requires OpenSSL 1.0, which may also > affect what the Shibboleth stack can link against. No, that code is isolated into shibd, mod_shib doesn't link to it. That was deliberate of course, for exactly this reason. There are edge cases. If you link Xerces to

Bug#828608: xmltooling: FTBFS with openssl 1.1.0

On 11/9/16, 3:55 PM, "Pkg-shibboleth-devel on behalf of Kurt Roeckx" wrote: > Can I just say this is really ugly code? It's called "internal", > you really have no business of touching this. And

Bug#828608: xmltooling: FTBFS with openssl 1.1.0

On 11/9/16, 1:13 PM, "Pkg-shibboleth-devel on behalf of Ferenc Wágner" wrote: >wf...@niif.hu (Ferenc Wágner) writes: > > > Can you recommend a reliable way to decide whether there really