python-pysaml2 (4.9.0-0ubuntu3) focal; urgency=medium * d/p/update-test-metadata-expiration.patch: Cherry pick fix to update test metadata expiration to 2999 resolving FTBFS (LP: #1870077). -- James Page Fri, 03 Apr 2020 11:26:41 +0100 python-pysaml2 (4.9.0-0ubuntu2) focal; urgency=medium * SECURITY UPDATE: Signature in SAML doc not checked properly - debian/patches/CVE-2020-5390.patch: fix XML signature wrapping (XSW) in src/saml2/sigver.py, tests/saml2_response_xsw.xml, tests/test_xsw.py. - CVE-2020-5390 -- Leonidas S. Barbosa Tue, 21 Jan 2020 15:07:23 -0300 python-pysaml2 (4.9.0-0ubuntu1) focal; urgency=medium * d/control, d/rules, d/*.{postinst,prerm,postrm}: Drop py2 support as there are no more reverse-depends. * d/copyright: Drop Files-Excluded. The latest release tarballs no longer include these files. * d/watch: Get tarball from github as pypi version is missing files. * New upstream release for OpenStack Ussuri. * d/p/fix-test-pathing.patch: Dropped. Test no longer exists. * d/p/skip-online-tests.patch: Rebased. * d/rules: Switch to pybuild and 'python3 -m sphinx'. -- Corey Bryant Fri, 13 Dec 2019 16:59:07 -0500 python-pysaml2 (4.5.0+dfsg1-0ubuntu1) cosmic; urgency=medium [ Corey Bryant ] * d/gbp.conf: Update gbp configuration file. * d/control: Update Vcs-* links and maintainers. [ James Page ] * New upstream release for OpenStack Rocky: - d/p/CVE-*.patch: Drop, included in release. - d/p/disable-repoze.who-tests.patch,fix-test-41-response.patch, fix-tests.patch: Drop, no longer needed. - d/p/*: Refresh. - d/control: Add BD on python{3}-future. * d/copyright: Move global file wildcard to first paragraph. * d/control: Bumped Standards-Version to 4.2.0. * d/watch: Add dversionmangle for dfsg repack. -- James Page Tue, 14 Aug 2018 12:11:40 +0100 python-pysaml2 (4.0.2-0ubuntu3) bionic; urgency=medium * SECURITY UPDATE: Any password can be used if optimizations are enabled - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due to optimizations in src/saml2/authn.py. - CVE-2017-1000433 * Add a fix patch for test_41_response - debian/patches/fix-test-41-response.patch -- Leonidas S. Barbosa Thu, 22 Feb 2018 11:20:28 -0300 python-pysaml2 (4.0.2-0ubuntu2) bionic; urgency=medium * d/p/skip-online-tests.patch: Skip misc tests that require open access to misc internet resources. -- James Page Wed, 15 Nov 2017 15:57:41 +0000 python-pysaml2 (4.0.2-0ubuntu1) bionic; urgency=medium * New upstream release. * d/rules,control: Add missing BD's on requests, defusedxml and mock, fix execution of unit tests under default py2/3. * d/p/fix-test-pathing.patch: Misc fixes for tests that fail due to expired test data and invalid relative pathing. -- James Page Wed, 15 Nov 2017 13:54:58 +0000 python-pysaml2 (3.0.0-3ubuntu2) artful; urgency=medium * SECURITY UPDATE: External Entity vulnerability - debian/patches/CVE-2016-10149.patch: fixes XXE issues in setupy.py, src/saml2/__init__.py, src/saml2/pack.py, src/saml2/soap.py, tests/test_03_saml2.py, tests/test_43_soap.py, tests/test_51_client.py. - CVE-2016-10149 * Some tests fails in upstream test suite. Adding the corresponding fix. - debian/patches/fix-tests.patch -- Leonidas S. Barbosa Tue, 22 Aug 2017 17:37:33 -0300 python-pysaml2 (3.0.0-3ubuntu1) xenial; urgency=low * Merge from Debian unstable. Remaining changes: - debian/control: Drop runtime dependencies on python{,3}-repoze.who back to a Suggests, remove BD. Depend on pymongo 3.0 and higher. - debian/patches/disable-repoze.who-tests.patch: Skip hard requirement on repoze.who and dependent tests, as repoze.who is unmaintained and out-of-date in Debian and Ubuntu. -- Łukasz 'sil2100' Zemczak Thu, 18 Feb 2016 12:53:50 +0100 python-pysaml2 (3.0.0-3) unstable; urgency=medium * override_dh_python3 to fix Py3 shebang. -- Thomas Goirand Fri, 23 Oct 2015 23:48:31 +0000 python-pysaml2 (3.0.0-2) unstable; urgency=medium * Uploading to unstable. -- Thomas Goirand Fri, 16 Oct 2015 10:34:56 +0000 python-pysaml2 (3.0.0-1) experimental; urgency=medium * New upstream release. * Added Python3 support. * Updated watch file to use github tag and not broken pypi. -- Thomas Goirand Fri, 31 Jul 2015 08:47:57 +0000 python-pysaml2 (2.4.0-2) unstable; urgency=medium * Makes build reproducible thanks to Juan Picca (Closes: #789751). -- Thomas Goirand Fri, 26 Jun 2015 15:41:09 +0200 python-pysaml2 (2.4.0-1) unstable; urgency=medium * New upstream release. * Dropped X-Python-Version: >= 2.7. * Standard-Versions: is now 3.9.6. * Also renames /usr/bin/merge_metadata.py as pysaml2-merge-metadata. -- Thomas Goirand Fri, 15 May 2015 17:48:07 +0200 python-pysaml2 (2.4.0-0ubuntu2) wily; urgency=medium * debian/control: - Depend on python-pymongo versions 3.0 and higher * debian/patches/fix-build-against-new-pymongo.patch: - Cherry-pick fix pysaml2 with python-pymongo 3.0 * debian/patches/fix-test-failures.patch: - Fix the newly failing test failures (LP: #1503698) -- Łukasz 'sil2100' Zemczak Thu, 08 Oct 2015 20:16:42 +0200 python-pysaml2 (2.4.0-0ubuntu1) vivid; urgency=medium * New upstream release, supporting MIR for keystone (LP: #1434526): - d/control: Drop runtime dependency on python-repoze.who back to a Suggests, remove BD. - d/p/disable-repoze.who-tests.patch: Skip hard requirement on repoze.who and dependent tests, as repoze.who is unmaintained and out-of-date in Debian and Ubuntu. - d/p/*: Drop all previous patches, no longer required. -- James Page Mon, 23 Mar 2015 13:33:26 +0000 python-pysaml2 (2.2.0-0ubuntu2) vivid; urgency=medium * d/p/disable-online-tests.patch: Disable tests that require access to online resources. -- James Page Thu, 08 Jan 2015 11:54:09 +0000 python-pysaml2 (2.2.0-0ubuntu1) vivid; urgency=medium * New upstream release. - d/control: Add python-pymongo to BD's. - d/p/disable-failing-tests.patch: Disable two tests that currently fail in the upstream code base. - d/p/fix-error-tests.patch: Fixup problems with lack of full_path use in some test cases. * d/watch: Fix parsing of pypi urls. -- James Page Thu, 08 Jan 2015 11:43:42 +0000 python-pysaml2 (2.0.0-1) unstable; urgency=medium * Initial release. (Closes: #760824) -- Thomas Goirand Mon, 08 Sep 2014 16:11:53 +0800