Another question though. Why is this bug now "incomplete" when there's a
CVE that confirms this version has a flaw? It doesn't seem unverifiable.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1752306
Thanks for the explanation. Unfortunately all the debian packaging stuff
puts it out of reach for me. I'll look into simply building my own stack
from source.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/b
It's been 2 weeks since this critical vuln was announced, and SPs
running Shibboleth on Ubuntu are dead in the water or insecure. Does
Ubuntu have any fix plan for this?
I've tried porting the Debian package stack myself but there are build
failures I don't have time to pursue.
--
You received t
Timeline?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1752306
Title:
Security bug in XMLTooling-C before 1.6.4 [CVE-2018-0489]
To manage notifications about this bug go to:
https://bugs.launchpad
To emphasize, this vulnerability allows remote access as any valid user
by any third party with no local foothold. It's a very bad one.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1752306
Title:
S