xmltooling patches for 2.5 versions?
Peter Schober
peter.schober at univie.ac.at
Thu Mar 1 08:32:50 EST 2018
* Jan Vilhuber <JVilhuber at absolute.com> [2018-03-01 05:41]:
> > From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Cantor, Scott
> > Sent: Wednesday, February 28, 2018 9:20 PM
> > To: Shib Users <users at shibboleth.net>
> > Subject: RE: xmltooling patches for 2.5 versions?
> >
> > > I don't suppose there are (or can be? Or will be?) patched versions of
> > > xmltooling for the 2.5 release? We're still on that one, and upgrading
> > > to 2.6 at this point is a slightly bigger effort. I'd really rather
> > > patch the vulnerability quicker than I can upgrade to 2.6.
> >
> > From the project itself? Absolutely not. And no, upgrading should be exactly the
> > same effort unless you're building from source, and if you were, you could do
> > the patch yourself.
>
> My apologies. For some reason I thought the xmltooling was from the
> shibboleth project. Someone else set me straight! Sorry for the
> noise.
https://wiki.shibboleth.net/confluence/display/OpenSAML/XMLTooling-C
"xmltooling" is the XML tooling stuff for OpenSAML and therefore for
the Shibboleth SP, so yes, it's coded and packaged and published by
the Shibboleth project.
-peter
More information about the users
mailing list