Was fixed in Bionic
---
opensaml2 (2.6.1-1) unstable; urgency=high
* [0c08870] New upstream release (2.6.1)
Security fix for CVE-2017-16853:
Rod Widdowson of Steading System Software LLP discovered a coding error in
the OpenSAML library, causing the DynamicMetadataProvider class to fail
configuring itself with the filters provided and omitting whatever checks
they are intended to perform.
* [0795c42] Refresh our patches
* [1f742ec] Update Standards-Version to 4.1.1 (no changes needed)
* [5bed74f] Bump XMLTooling dependency version to 1.6.
This isn't strictly required, but the stack is always updated in
lockstep, so why not follow the upstream spec file in this respect.
-- Ferenc Wágner <[email protected]> Mon, 20 Nov 2017 10:46:24 +0100
** Changed in: opensaml2 (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732606
Title:
CVE-2017-16852 Shibboleth Service Provider Security Advisory [15
November 2017]
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/opensaml2/+bug/1732606/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
