1 opensaml2 (2.5+dfsg~moonshot3-1) unstable; urgency=low
5 -- Sam Hartman <hartmans@debian.org> Fri, 16 Dec 2011 11:44:02 -0500
7 opensaml2 (2.5+dfsg~moonshot2-1) unstable; urgency=low
11 -- Sam Hartman <hartmans@debian.org> Tue, 13 Dec 2011 15:28:33 -0500
13 opensaml2 (2.5+dfsg~moonshot1-2) unstable; urgency=low
17 -- Sam Hartman <hartmans@project-moonshot.org> Wed, 07 Dec 2011 11:54:44 -0500
19 opensaml2 (2.5+dfsg~moonshot1-1) unstable; urgency=low
21 * New upstream prerelease
23 -- Russ Allbery <hartmans@project-moonshot.org> Tue, 09 Aug 2011 16:37:46 -0400
25 opensaml2 (2.4.1-1) unstable; urgency=low
27 * New upstream release.
28 - Don't download remote metadata if it hasn't changed
29 - Verify that fetched metadata is valid, even after filters, before
30 overwriting the previous metadata. Improve metadata downloads.
31 - Logging improvements for OpenSAML.MetadataProvider.XML
32 - Add keywords/tags element to UIInfo extension and disco feed
33 - Fix overuse of InclusivePrefixes list when signing
34 - Do not use cacheDuration for validity
36 - Fix crash when encrypting unmarshalled object
37 - Resolve sibling EncryptedKey element for decryption
38 - Add xml prefix on newly-created xml:lang attributes
39 - Duplication and line feed fixes for DiscoFeed.
40 - Fix reload interval backoff after reload failures
41 - Strip whitespace from SAMLRequest URL parameter values
42 * Change package names for the upstream SONAME change.
43 * Install the new upstream pkg-config file in libsaml2-dev.
44 * Build-depend on xmltooling 1.4 or later.
45 * Force build dependency on xml-security-c 1.6 or later for consistent
47 * Add build dependency on pkg-config, which upstream now uses to find
49 * Add build dependency on graphviz for better API documentation.
50 * Replace the version of jQuery installed by Doxygen in the
51 documentation package with a symlink to the version supplied by the
52 Debian package and add a dependency.
53 * Update to debhelper compatibility level V8.
54 - Use the autotools-dev debhelper module for config.{sub,guess}.
55 - Use debhelper rule minimization.
56 * Update debian/copyright to the current DEP-5 specification.
57 * Change to Debian source format 3.0 (quilt). Force a single Debian
58 patch for simplicity since the packaging is maintained in Git using
59 branches, and include a patch header explaining why.
60 * Update standards version to 3.9.1 (no changes required).
62 -- Russ Allbery <rra@debian.org> Sun, 03 Apr 2011 18:57:10 -0700
64 opensaml2 (2.3-2) unstable; urgency=low
66 * Force source format 1.0 for now since it makes backporting easier.
67 * Add ${misc:Depends} to all package dependencies.
68 * Update debhelper compatibility level to V7.
69 - Use dh_prep instead of dh_clean -k.
70 * Update standards version to 3.8.4 (no changes required).
72 -- Russ Allbery <rra@debian.org> Thu, 13 May 2010 10:21:12 -0700
74 opensaml2 (2.3-1) unstable; urgency=high
76 * Urgency set to high for security fix.
77 * New upstream release.
78 - SECURITY: Partial fix for improper handling of URLs that could be
79 abused for script injection and other cross-site scripting attacks.
80 The complete fix also requires newer xmltooling and shibboleth-sp2
81 packages. (CVE-2009-3300)
82 - Fix crash on assertions with missing SubjectConfirmation.
83 - Remove inline functions except for templates or RAII patterns.
84 - Remove xml from the inclusive prefix list to avoid bugs in Apache
86 - Honor digest algorithm in whole document signing with empty URI.
87 * Rename library package for upstream SONAME bump.
88 * Build-depend on libxmltooling-dev 1.3 or later and make libsaml2-dev
89 depend on libxmltooling-dev 1.3 or later for the fixes for URL
91 * Build-depend on libxml-security-c-dev 1.5 or later to ensure
92 that all builds are consistent.
94 -- Russ Allbery <rra@debian.org> Fri, 06 Nov 2009 15:09:04 -0800
96 opensaml2 (2.2.1-1) unstable; urgency=low
98 * New upstream release.
99 - Fix crash when generating unsigned ECP AuthnRequest.
100 - Correct check of key usage against KeyDescriptor use.
101 * Remove temporary build-depend on libicu-dev and tighten the build
102 dependency on libxerces-c-dev to require the fixed version.
104 -- Russ Allbery <rra@debian.org> Mon, 07 Sep 2009 18:35:47 -0700
106 opensaml2 (2.2-1) unstable; urgency=low
108 * New upstream release.
109 - Use CRLs in the metadata signature during PKIX path validation.
110 - Fix cacheDuration handling in metadata parsing.
111 - Set HTTP no-cache headers when redirecting client to IdP via POST.
112 - Allow verbs for GET-based bindings to be overridden.
113 * Rename library package for upstream SONAME bump.
114 * Build against Xerces-C 3.0.
115 * Build-depend and depend on xmltooling 1.2 or later.
116 * Temporarily add libicu-dev to Build-Depends to work around Bug#540964
118 * Update standards version to 3.8.3 (no changes required).
120 -- Russ Allbery <rra@debian.org> Tue, 18 Aug 2009 16:36:16 -0700
122 opensaml2 (2.1-1) unstable; urgency=low
125 * New upstream bug-fix release.
126 * Bump SONAME of libsaml following upstream's versioning. The names of
127 libsaml2-dev and libsaml2-doc have not changed; the "2" in those names
128 refers to the major version of the package, not to the SONAME of the
130 * Build-depend on libxmtooling-dev >= 1.1 following the upstream spec
132 * Flesh out debian/copyright with entries for build system files and
133 convert to the latest draft of the copyright format proposal.
134 * Remove duplicated Section header in the libsaml3 control stanza.
137 * Fix watch file for upstream directory structure.
139 -- Russ Allbery <rra@debian.org> Sun, 22 Feb 2009 13:16:05 -0800
141 opensaml2 (2.0-2) unstable; urgency=low
143 * Include fix for https://bugs.internet2.edu/jira/browse/CPPOST-7
144 (Metadata with EncryptionMethod elements fails to load)
145 * Include fix for https://bugs.internet2.edu/jira/browse/CPPOST-11
146 (SignatureMetadataFilter fails to validate signed EntityDescriptor)
148 -- Ferenc Wagner <wferi@niif.hu> Wed, 21 Jan 2009 16:30:46 +0100
150 opensaml2 (2.0-1) unstable; urgency=low
153 * Initial release (Closes: #480289)
155 -- Russ Allbery <rra@debian.org> Mon, 16 Jun 2008 21:28:28 -0700