python-pysaml2 (4.0.2-0ubuntu3) bionic; urgency=medium

  * SECURITY UPDATE: Any password can be used if optimizations are enabled
    - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due
      to optimizations in src/saml2/authn.py.
    - CVE-2017-1000433
  * Add a fix patch for test_41_response
    - debian/patches/fix-test-41-response.patch

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Thu, 22 Feb 2018 11:20:28 -0300

python-pysaml2 (4.0.2-0ubuntu2) bionic; urgency=medium

  * d/p/skip-online-tests.patch: Skip misc tests that require open
    access to misc internet resources.

 -- James Page <james.page@ubuntu.com>  Wed, 15 Nov 2017 15:57:41 +0000

python-pysaml2 (4.0.2-0ubuntu1) bionic; urgency=medium

  * New upstream release.
  * d/rules,control: Add missing BD's on requests, defusedxml and
    mock, fix execution of unit tests under default py2/3.
  * d/p/fix-test-pathing.patch: Misc fixes for tests that fail due
    to expired test data and invalid relative pathing.

 -- James Page <james.page@ubuntu.com>  Wed, 15 Nov 2017 13:54:58 +0000

python-pysaml2 (3.0.0-3ubuntu2) artful; urgency=medium

  * SECURITY UPDATE: External Entity vulnerability
    - debian/patches/CVE-2016-10149.patch: fixes XXE issues in
      setupy.py, src/saml2/__init__.py, src/saml2/pack.py,
      src/saml2/soap.py, tests/test_03_saml2.py,
      tests/test_43_soap.py, tests/test_51_client.py.
    - CVE-2016-10149
  * Some tests fails in upstream test suite. Adding the
    corresponding fix.
    - debian/patches/fix-tests.patch

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Tue, 22 Aug 2017 17:37:33 -0300

python-pysaml2 (3.0.0-3ubuntu1) xenial; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/control: Drop runtime dependencies on python{,3}-repoze.who back
      to a Suggests, remove BD. Depend on pymongo 3.0 and higher.
    - debian/patches/disable-repoze.who-tests.patch: Skip hard requirement on
      repoze.who and dependent tests, as repoze.who is unmaintained and
      out-of-date in Debian and Ubuntu.

 -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@ubuntu.com>  Thu, 18 Feb 2016 12:53:50 +0100

python-pysaml2 (3.0.0-3) unstable; urgency=medium

  * override_dh_python3 to fix Py3 shebang.

 -- Thomas Goirand <zigo@debian.org>  Fri, 23 Oct 2015 23:48:31 +0000

python-pysaml2 (3.0.0-2) unstable; urgency=medium

  * Uploading to unstable.

 -- Thomas Goirand <zigo@debian.org>  Fri, 16 Oct 2015 10:34:56 +0000

python-pysaml2 (3.0.0-1) experimental; urgency=medium

  * New upstream release.
  * Added Python3 support.
  * Updated watch file to use github tag and not broken pypi.

 -- Thomas Goirand <zigo@debian.org>  Fri, 31 Jul 2015 08:47:57 +0000

python-pysaml2 (2.4.0-2) unstable; urgency=medium

  * Makes build reproducible thanks to Juan Picca (Closes: #789751).

 -- Thomas Goirand <zigo@debian.org>  Fri, 26 Jun 2015 15:41:09 +0200

python-pysaml2 (2.4.0-1) unstable; urgency=medium

  * New upstream release.
  * Dropped X-Python-Version: >= 2.7.
  * Standard-Versions: is now 3.9.6.
  * Also renames /usr/bin/merge_metadata.py as pysaml2-merge-metadata.

 -- Thomas Goirand <zigo@debian.org>  Fri, 15 May 2015 17:48:07 +0200

python-pysaml2 (2.4.0-0ubuntu2) wily; urgency=medium

  * debian/control:
    - Depend on python-pymongo versions 3.0 and higher
  * debian/patches/fix-build-against-new-pymongo.patch:
    - Cherry-pick fix pysaml2 with python-pymongo 3.0
  * debian/patches/fix-test-failures.patch:
    - Fix the newly failing test failures (LP: #1503698)

 -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@canonical.com>  Thu, 08 Oct 2015 20:16:42 +0200

python-pysaml2 (2.4.0-0ubuntu1) vivid; urgency=medium

  * New upstream release, supporting MIR for keystone (LP: #1434526):
    - d/control: Drop runtime dependency on python-repoze.who back to
      a Suggests, remove BD.
    - d/p/disable-repoze.who-tests.patch: Skip hard requirement on repoze.who
      and dependent tests, as repoze.who is unmaintained and out-of-date
      in Debian and Ubuntu.
    - d/p/*: Drop all previous patches, no longer required.

 -- James Page <james.page@ubuntu.com>  Mon, 23 Mar 2015 13:33:26 +0000

python-pysaml2 (2.2.0-0ubuntu2) vivid; urgency=medium

  * d/p/disable-online-tests.patch: Disable tests that require access to
    online resources.

 -- James Page <james.page@ubuntu.com>  Thu, 08 Jan 2015 11:54:09 +0000

python-pysaml2 (2.2.0-0ubuntu1) vivid; urgency=medium

  * New upstream release.
    - d/control: Add python-pymongo to BD's.
    - d/p/disable-failing-tests.patch: Disable two tests that currently
      fail in the upstream code base.
    - d/p/fix-error-tests.patch: Fixup problems with lack of full_path
      use in some test cases.
  * d/watch: Fix parsing of pypi urls.

 -- James Page <james.page@ubuntu.com>  Thu, 08 Jan 2015 11:43:42 +0000

python-pysaml2 (2.0.0-1) unstable; urgency=medium

  * Initial release. (Closes: #760824)

 -- Thomas Goirand <zigo@debian.org>  Mon, 08 Sep 2014 16:11:53 +0800