opensaml2 (2.5+dfsg~moonshot4-1) unstable; urgency=low * New upstream based on the actual 2.5 release -- Sam Hartman Sat, 03 Nov 2012 05:22:09 -0400 opensaml2 (2.5+dfsg~moonshot3-1) unstable; urgency=low * new upstream -- Sam Hartman Fri, 16 Dec 2011 11:44:02 -0500 opensaml2 (2.5+dfsg~moonshot2-1) unstable; urgency=low * New upstream -- Sam Hartman Tue, 13 Dec 2011 15:28:33 -0500 opensaml2 (2.5+dfsg~moonshot1-2) unstable; urgency=low * Update to libsaml8 -- Sam Hartman Wed, 07 Dec 2011 11:54:44 -0500 opensaml2 (2.5+dfsg~moonshot1-1) unstable; urgency=low * New upstream prerelease -- Russ Allbery Tue, 09 Aug 2011 16:37:46 -0400 opensaml2 (2.4.1-1) unstable; urgency=low * New upstream release. - Don't download remote metadata if it hasn't changed - Verify that fetched metadata is valid, even after filters, before overwriting the previous metadata. Improve metadata downloads. - Logging improvements for OpenSAML.MetadataProvider.XML - Add keywords/tags element to UIInfo extension and disco feed - Fix overuse of InclusivePrefixes list when signing - Do not use cacheDuration for validity - Fix memory leaks - Fix crash when encrypting unmarshalled object - Resolve sibling EncryptedKey element for decryption - Add xml prefix on newly-created xml:lang attributes - Duplication and line feed fixes for DiscoFeed. - Fix reload interval backoff after reload failures - Strip whitespace from SAMLRequest URL parameter values * Change package names for the upstream SONAME change. * Install the new upstream pkg-config file in libsaml2-dev. * Build-depend on xmltooling 1.4 or later. * Force build dependency on xml-security-c 1.6 or later for consistent build results. * Add build dependency on pkg-config, which upstream now uses to find the SSL libraries. * Add build dependency on graphviz for better API documentation. * Replace the version of jQuery installed by Doxygen in the documentation package with a symlink to the version supplied by the Debian package and add a dependency. * Update to debhelper compatibility level V8. - Use the autotools-dev debhelper module for config.{sub,guess}. - Use debhelper rule minimization. * Update debian/copyright to the current DEP-5 specification. * Change to Debian source format 3.0 (quilt). Force a single Debian patch for simplicity since the packaging is maintained in Git using branches, and include a patch header explaining why. * Update standards version to 3.9.1 (no changes required). -- Russ Allbery Sun, 03 Apr 2011 18:57:10 -0700 opensaml2 (2.3-2) unstable; urgency=low * Force source format 1.0 for now since it makes backporting easier. * Add ${misc:Depends} to all package dependencies. * Update debhelper compatibility level to V7. - Use dh_prep instead of dh_clean -k. * Update standards version to 3.8.4 (no changes required). -- Russ Allbery Thu, 13 May 2010 10:21:12 -0700 opensaml2 (2.3-1) unstable; urgency=high * Urgency set to high for security fix. * New upstream release. - SECURITY: Partial fix for improper handling of URLs that could be abused for script injection and other cross-site scripting attacks. The complete fix also requires newer xmltooling and shibboleth-sp2 packages. (CVE-2009-3300) - Fix crash on assertions with missing SubjectConfirmation. - Remove inline functions except for templates or RAII patterns. - Remove xml from the inclusive prefix list to avoid bugs in Apache Java xmlsec. - Honor digest algorithm in whole document signing with empty URI. * Rename library package for upstream SONAME bump. * Build-depend on libxmltooling-dev 1.3 or later and make libsaml2-dev depend on libxmltooling-dev 1.3 or later for the fixes for URL sanitization. * Build-depend on libxml-security-c-dev 1.5 or later to ensure that all builds are consistent. -- Russ Allbery Fri, 06 Nov 2009 15:09:04 -0800 opensaml2 (2.2.1-1) unstable; urgency=low * New upstream release. - Fix crash when generating unsigned ECP AuthnRequest. - Correct check of key usage against KeyDescriptor use. * Remove temporary build-depend on libicu-dev and tighten the build dependency on libxerces-c-dev to require the fixed version. -- Russ Allbery Mon, 07 Sep 2009 18:35:47 -0700 opensaml2 (2.2-1) unstable; urgency=low * New upstream release. - Use CRLs in the metadata signature during PKIX path validation. - Fix cacheDuration handling in metadata parsing. - Set HTTP no-cache headers when redirecting client to IdP via POST. - Allow verbs for GET-based bindings to be overridden. * Rename library package for upstream SONAME bump. * Build against Xerces-C 3.0. * Build-depend and depend on xmltooling 1.2 or later. * Temporarily add libicu-dev to Build-Depends to work around Bug#540964 in libxerces-c-dev. * Update standards version to 3.8.3 (no changes required). -- Russ Allbery Tue, 18 Aug 2009 16:36:16 -0700 opensaml2 (2.1-1) unstable; urgency=low [ Russ Allbery ] * New upstream bug-fix release. * Bump SONAME of libsaml following upstream's versioning. The names of libsaml2-dev and libsaml2-doc have not changed; the "2" in those names refers to the major version of the package, not to the SONAME of the library. * Build-depend on libxmtooling-dev >= 1.1 following the upstream spec file. * Flesh out debian/copyright with entries for build system files and convert to the latest draft of the copyright format proposal. * Remove duplicated Section header in the libsaml3 control stanza. [ Ferenc Wagner ] * Fix watch file for upstream directory structure. -- Russ Allbery Sun, 22 Feb 2009 13:16:05 -0800 opensaml2 (2.0-2) unstable; urgency=low * Include fix for https://bugs.internet2.edu/jira/browse/CPPOST-7 (Metadata with EncryptionMethod elements fails to load) * Include fix for https://bugs.internet2.edu/jira/browse/CPPOST-11 (SignatureMetadataFilter fails to validate signed EntityDescriptor) -- Ferenc Wagner Wed, 21 Jan 2009 16:30:46 +0100 opensaml2 (2.0-1) unstable; urgency=low [ Ferenc Wagner ] * Initial release (Closes: #480289) -- Russ Allbery Mon, 16 Jun 2008 21:28:28 -0700