Your message dated Wed, 08 Jan 2020 21:47:13 +0000
with message-id <[email protected]>
and subject line Bug#944820: fixed in simplesamlphp 1.16.3-1+deb10u2
has caused the Debian Bug report #944820,
regarding SimpleSAMLphp fails when consuming assertion
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
944820: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944820
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: simplesamlphp
Version: 1.16.3-1+deb10u1
When SimpleSAMLphp consumes an assertion, it will fail and log the
following:
> PHP Warning: preg_replace(): Compilation failed: invalid range in character
> class at offset 8 in
> /usr/share/simplesamlphp/vendor/robrichards/xmlseclibs/src/Utils/XPath.php on
> line 42
> PHP Warning: DOMXPath::query(): Invalid expression in
> /usr/share/simplesamlphp/vendor/robrichards/xmlseclibs/src/XMLSecurityDSig.php
> on line 509
> PHP Warning: DOMXPath::query(): Invalid expression in
> /usr/share/simplesamlphp/vendor/robrichards/xmlseclibs/src/XMLSecurityDSig.php
> on line 509
The problem is that a year-old patch has not yet made it into the Debian
package. Applying this patch manually solves the problem:
https://github.com/robrichards/xmlseclibs/commit/7b35c14f3659eefa2ac194965aee541d2b2400ef
I suggest applying this patch in the package so that I don't have to
maintain this patch locally on my system.
I am using Debian GNU/Linux 10.1, php 7.3
--
Vennlig hilsen/Best regardsJørn Åne de Jong
Systemutvikler/Systems Developer
Uninett AS
[email protected]
+47 95 36 10 17
www.uninett.no
Abonner på vårt nyhetsbrev www.uninett.no/nyhetsbrev
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: simplesamlphp
Source-Version: 1.16.3-1+deb10u2
We believe that the bug you reported is fixed in the latest version of
simplesamlphp, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thijs Kinkhorst <[email protected]> (supplier of updated simplesamlphp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 16 Dec 2019 14:15:00 +0100
Source: simplesamlphp
Binary: simplesamlphp
Architecture: source all
Version: 1.16.3-1+deb10u2
Distribution: buster
Urgency: medium
Maintainer: Thijs Kinkhorst <[email protected]>
Changed-By: Thijs Kinkhorst <[email protected]>
Description:
simplesamlphp - Authentication and federation application supporting several
prot
Closes: 944820
Changes:
simplesamlphp (1.16.3-1+deb10u2) buster; urgency=medium
.
* Fix incompatibility with PHP 7.3 (closes: #944820).
Checksums-Sha1:
b464d63a3611e8be8cde6ef58d51e58da53cf49d 1592
simplesamlphp_1.16.3-1+deb10u2.dsc
064dd622061b517c6f040044d8e1f384b7398b1b 2309260
simplesamlphp_1.16.3-1+deb10u2.debian.tar.xz
1a7ad9ad8d62d6dcfb25173cd2a32c3e932320b3 1909292
simplesamlphp_1.16.3-1+deb10u2_all.deb
5a90c3653a7c460b5e9ee3047afd930853aec23f 6241
simplesamlphp_1.16.3-1+deb10u2_amd64.buildinfo
Checksums-Sha256:
40e65c76f2da100e3fd4944badaa64381b0a9de5506404f137ecea3079aa1d5f 1592
simplesamlphp_1.16.3-1+deb10u2.dsc
eb221688ffea6ec4be9e03ce9af152ed1f533eaf87a19e356d71213e1152e039 2309260
simplesamlphp_1.16.3-1+deb10u2.debian.tar.xz
67981c2cc315ef607fc471a58d90aa511da6d9ec0d7e1a689306f64bcbb46813 1909292
simplesamlphp_1.16.3-1+deb10u2_all.deb
e3910bbe66cfc66a236c250d534da7829b662628889b96c207c2254389a8c7f5 6241
simplesamlphp_1.16.3-1+deb10u2_amd64.buildinfo
Files:
c421fae0d73a841b162a530c4b49fa7d 1592 web optional
simplesamlphp_1.16.3-1+deb10u2.dsc
0ed29f413c49e34c77bde27a54829398 2309260 web optional
simplesamlphp_1.16.3-1+deb10u2.debian.tar.xz
58b9eec7c271eb67ce3a96b34578c145 1909292 web optional
simplesamlphp_1.16.3-1+deb10u2_all.deb
b24c542391764732355afeb7bd897115 6241 web optional
simplesamlphp_1.16.3-1+deb10u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFFBAEBCAAvFiEEeANVtepr/II1qZxLVvYaeUAdrAQFAl4LJ1YRHHRoaWpzQGRl
Ymlhbi5vcmcACgkQVvYaeUAdrARjVAf9ERNYAzH4ahOJHWNPQaqGuA5nc5DODrS/
MrPXRFK36EZao/iCxLzNkA5CGhAMI38OwiPIO87c0UqdPiruCQN2ih9kKbinEAZx
yCFnyP/aaEfY0hc5BjfE1k9NCqDrkTNvhqqiNC6J3pI4FbxwZ+3KWLCgVOJCgBax
rtslVSeMcs+QcfbxfHMXgnRD40S9SWbDBZwSOZh6nDRLWqgr/dzlU/AE4QUtpdfa
JKaecctdcYzELgQx6pReFVhYOnTar3GYPeTIviUKabloodRj9iChX8XDDeH1tFyk
QN1TPZtnoMLndQcS8yVR5uowHtUmv7Fzq9k0+dsVj8gpeqbwZnGFSw==
=INH0
-----END PGP SIGNATURE-----
--- End Message ---
