No update or recompile of the shibboleth-sp2 package is required for either the xml-security-c or the opensaml2 security advisories so far as I know. Only upgrading the libraries to patched versions and then restarting shibd and Apache is required, I think. The changes didn't affect the external API of the libraries, only the internal shared library code.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/807416 Title: Security bug in xml-security-c may require rebuilding of this package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shibboleth-sp2/+bug/807416/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
