Proposed security fixes for Shibboleth 1.x (lenny)
Scott Cantor
cantor.2 at osu.edu
Wed Sep 23 20:12:19 UTC 2009
Scott Cantor wrote on 2009-09-23:
>> and here is the more substantial shibboleth-sp patch:
>
> I think you're missing a set of changes to one of the source files in
> shib-target (possibly shib-target.cpp?) with a bunch of copies of the URL
> fix. The code's a mess. It's in one spot in the new version, but not here.
Correcting myself, I think there was also a copy in adfs/adfs.cpp
Did I say it was a mess?
I went and looked for the rev, it's here:
http://svn.middleware.georgetown.edu/view/cpp-sp?view=rev&revision=3110
-- Scott
More information about the Pkg-shibboleth-devel
mailing list