Debian Patches
Status for opensaml/3.3.1-2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| Update-SAML2-signatures-to-RSA-SHA256.patch | Update SAML2 signatures to RSA-SHA256 The default signature algorithm changed to RSA-SHA256 in XMLTooling 3.3 [1], so the control XML files in the OpenSAML test suite must follow [2]. The "Not yet signed" ResponseChildElements.xml was edited manually, while SAML2Assertion.xml was re-signed in the build tree via ../samlsign/samlsign -s -k ./data/key.pem -c ./data/cert.pem -f ./data/signature/SAML2Assertion.xml [1] https://shibboleth.atlassian.net/browse/CPPXT-162 [2] https://shibboleth.atlassian.net/browse/CPPOST-125 |
=?utf-8?q?Ferenc_W=C3=A1gner?= <wferi@debian.org> | no | 2024-12-25 | ||
| Skip-SAML1-tests-depending-on-the-old-RSA-SHA1-default-si.patch | Skip SAML1 tests depending on the old RSA-SHA1 default signature I do not know how to re-sign SAML1 data with RSA-SHA256. |
=?utf-8?q?Ferenc_W=C3=A1gner?= <wferi@debian.org> | no | 2024-12-25 | ||
| Use-the-new-InCommon-metadata-source.patch | Use the new InCommon metadata source The legacy metadata expired on 2025-04-15, leading to failures in the XMLMetadataProviderTest samltest suite. The new URL and certificate was taken from the https://spaces.at.internet2.edu/display/MDQ/how-to-locate-metadata-with-mdq page. |
=?utf-8?q?Ferenc_W=C3=A1gner?= <wferi@debian.org> | no | 2025-04-27 |
All known versions for source package 'opensaml'
- 3.3.1-2 (forky, sid, trixie)
- 3.2.1-3+deb12u1 (bookworm-security, bookworm)