group.of.nepali.translators team mailing list archive

[John Breton <2103420@xxxxxxxxxxxxxxxxxx>]

** Changed in: opensaml (Ubuntu Plucky)
       Status: Fix Committed => Fix Released

** Changed in: opensaml (Ubuntu Plucky)
     Assignee: John Breton (john-breton) => (unassigned)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/2103420

Title:
  Security issue with libsaml12

Status in opensaml package in Ubuntu:
  Fix Released
Status in opensaml2 package in Ubuntu:
  Fix Released
Status in opensaml2 source package in Trusty:
  Invalid
Status in opensaml2 source package in Xenial:
  Fix Released
Status in opensaml2 source package in Bionic:
  Fix Released
Status in opensaml source package in Focal:
  Fix Released
Status in opensaml source package in Jammy:
  Fix Released
Status in opensaml source package in Noble:
  Fix Released
Status in opensaml source package in Oracular:
  Fix Released
Status in opensaml source package in Plucky:
  Fix Released

Bug description:
  A security issue has been discovered on the OpenSAML by Shibboleth.

  Debian has release a new version and this has to be fixed by Ubuntu as
  well.

  From Debian:
  "Alexander Tan discovered that the OpenSAML C++ library was susceptible
  to forging of signed SAML messages. For additional details please refer
  to the upstream advisory at
  https://shibboleth.net/community/advisories/secadv_20250313.txt";

  https://lists.debian.org/debian-security-announce/2025/msg00041.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/opensaml/+bug/2103420/+subscriptions