import UBI lasso-2.7.0-12.el9

2026-05-19 20:09:35 -04:00 · 2026-05-19 20:09:35 -04:00 · 0331df8edb
commit 0331df8edb
parent 580484ac53
2 changed files with 16 additions and 9 deletions
--- a/SOURCES/0010-prevent_assignment_of_attribute_value_inside_any_attribut.patch
+++ b/SOURCES/0010-prevent_assignment_of_attribute_value_inside_any_attribut.patch
@ -48,4 +48,3 @@ diff -up lasso-2.7.0/lasso/xml/xml.c.orig lasso-2.7.0/lasso/xml/xml.c
 				if (! lasso_strisequal((char*)attr->name, (char*)snippet->name))
 					continue;
 				if (attr->ns) {
-
--- a/SPECS/lasso.spec
+++ b/SPECS/lasso.spec
@ -59,7 +59,7 @@
 Summary: Liberty Alliance Single Sign On
 Name: lasso
 Version: 2.7.0
-Release: 11%{?dist}.3
+Release: 12%{?dist}
 License: GPLv2+
 URL: http://lasso.entrouvert.org/
 Source: http://dev.entrouvert.org/lasso/lasso-%{version}.tar.gz
@ -324,9 +324,17 @@ rm -fr %{buildroot}%{_defaultdocdir}/%{name}
 %endif

 %changelog
-* Fri Nov 14 2025 Tomas Halman <thalman@redhat.com>  - 2.7.0-11.3
- Fix CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso
-  Resolves: RHEL-126684
+* Fri Nov 7 2025 Tomas Halman <thalman@redhat.com> - 2.7.0-12
+- Fixing CVE-2025-47151
+  Resolves: RHEL-126685 CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso
+
+* Wed Nov 9 2022 Tomas Halman <thalman@redhat.com> - 2.7.0-11
+- Fixing changelog chronological order
+- Related: rhbz#2117590 - release python3-lasso pkg
+
+* Wed Nov 9 2022 Tomas Halman <thalman@redhat.com> - 2.7.0-10
+- Publishing python binding package
+- Resolves: rhbz#2117590 - release python3-lasso pkg

 * Mon Aug 16 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.7.0-9
 - Bump the test timeout again
@ -337,15 +345,15 @@ rm -fr %{buildroot}%{_defaultdocdir}/%{name}
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
  Related: rhbz#1991688

+* Thu Jul 29 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.7.0-6
+- Resolves: rhbz#1984822 - lasso: FTBFS in test suite due to short test
+                           timeout (potentially OpenSSL-related)
+
 * Mon Jun 28 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.7.0-7
 - Fix dead code issue
 - Resolves: rhbz#1966606: CVE-2021-28091 lasso: XML signature wrapping
                          vulnerability when parsing SAML responses

-* Thu Jul 29 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.7.0-6
- Resolves: rhbz#1984822 - lasso: FTBFS in test suite due to short test
-                           timeout (potentially OpenSSL-related)
-
 * Mon Jun 28 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.7.0-5
 - Don't run configure twice
 - Resolves: rhbz#1935987 - lasso implements and/or uses the deprecated