Source: libopensaml2-java Version: 2.6.2-1 Severity: grave Tags: security upstream fixed-upstream
Hi, the following vulnerability was published for libopensaml2-java. Note that I don't know libopensaml2-java well enough, so could you assess if this affeccts Debian as well, and if the severity is approriate (if not please feel free to downgrade it). Information follows: CVE-2015-1796[0]: PKIX Trust Engines Exhibit Critical Flaw In Trusted Names Evaluation If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-1796 [1] http://shibboleth.net/community/advisories/secadv_20150225.txt Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
