Description of problem:
Version-Release number of selected component (if applicable):
Steps to Reproduce:
It was reported that the Shibboleth Project's OpenSAML software was vulnerable to XML signature wrapping attacks.
Version 2.4.3 corrects this flaw.
Created opensaml tracking bugs for this issue
Affects: fedora-all [bug 725557]
xmltooling 1.4.2 / opensaml 2.4.3 build in rawhide
The vulnerability has been addressed in:
opensaml-2.3-6 (f16 updates-testing, submitted for stable)
opensaml-2.3-4 (f15 updates)