python-pysaml2 (7.1.0-0ubuntu3) noble; urgency=medium

  * Drop build-dependency on python3-future, no longer needed
    (LP: #2051564)

 -- Graham Inggs <ginggs@ubuntu.com>  Sat, 23 Mar 2024 16:47:15 +0000

python-pysaml2 (7.1.0-0ubuntu2) jammy; urgency=medium

  * d/control: Drop old python3-crypto BD in favor of python3-cryptography.

 -- Corey Bryant <corey.bryant@canonical.com>  Fri, 25 Mar 2022 16:40:43 -0400

python-pysaml2 (7.1.0-0ubuntu1) jammy; urgency=medium

  * New upstream release for OpenStack Yoga.
  * d/control: Bump debhelper compat to 13.
  * d/p/use-importlib.resources-in-python-3.7.patch: Dropped. Fixed
    upstream.

 -- Corey Bryant <corey.bryant@canonical.com>  Wed, 12 Jan 2022 15:05:07 -0500

python-pysaml2 (7.0.1-0ubuntu1) jammy; urgency=medium

  * New upstream release for OpenStack Yoga.
  * d/patches/*: No longer needed. Fixed in upstream release.
  * d/control: Align (Build-)Depends with upstream.
  * d/p/use-importlib.resources-in-python-3.7.patch: Use importlib.resources
    from the standard library instead of having to depend on
    importlib_resources from universe.

 -- Corey Bryant <corey.bryant@canonical.com>  Fri, 03 Dec 2021 16:28:05 -0500

python-pysaml2 (6.1.0-0ubuntu2) impish; urgency=medium

  * SECURITY UPDATE: improper verification of cryptographic signature
    - debian/patches/CVE-2021-21239.patch: restrict the key data that
      xmlsec1 accepts to only x509 certs in src/saml2/sigver.py,
      tests/test_xmlsec1_key_data.py,
      tests/xmlsec1-keydata/signed-assertion-random-embedded-cert.xml,
      tests/xmlsec1-keydata/signed-assertion-with-hmac.xml,
      tests/xmlsec1-keydata/signed-response-with-hmac.xml.
    - CVE-2021-21239
  * debian/patches/python39compat.patch: fix FTBFS with Python 3.9.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 08 Sep 2021 09:24:25 -0400

python-pysaml2 (6.1.0-0ubuntu1) groovy; urgency=medium

  * New upstream release for OpenStack Victoria.
  * d/p/update-test-metadata-expiration.patch: Dropped. Fixed upstream.

 -- Corey Bryant <corey.bryant@canonical.com>  Wed, 29 Jul 2020 15:02:25 -0400

python-pysaml2 (5.0.0-0ubuntu1) groovy; urgency=medium

  * New upstream release.
  * d/control, d/compat: Switch to debhelper compat 12.
  * d/control: Update Standards-Version to 4.5.0.
  * d/p/skip-online-tests.patch: Dropped. No longer needed.
  * d/p/CVE-2020-5390.patch: Droped. Fixed upstream.

 -- Corey Bryant <corey.bryant@canonical.com>  Fri, 12 Jun 2020 14:04:51 -0400

python-pysaml2 (4.9.0-0ubuntu3) focal; urgency=medium

  * d/p/update-test-metadata-expiration.patch: Cherry pick fix to update
    test metadata expiration to 2999 resolving FTBFS (LP: #1870077).

 -- James Page <james.page@ubuntu.com>  Fri, 03 Apr 2020 11:26:41 +0100

python-pysaml2 (4.9.0-0ubuntu2) focal; urgency=medium

  * SECURITY UPDATE: Signature in SAML doc not checked properly
    - debian/patches/CVE-2020-5390.patch: fix XML signature wrapping
      (XSW) in src/saml2/sigver.py, tests/saml2_response_xsw.xml,
      tests/test_xsw.py.
    - CVE-2020-5390

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Tue, 21 Jan 2020 15:07:23 -0300

python-pysaml2 (4.9.0-0ubuntu1) focal; urgency=medium

  * d/control, d/rules, d/*.{postinst,prerm,postrm}: Drop py2 support
    as there are no more reverse-depends.
  * d/copyright: Drop Files-Excluded. The latest release tarballs no longer
    include these files.
  * d/watch: Get tarball from github as pypi version is missing files.
  * New upstream release for OpenStack Ussuri.
  * d/p/fix-test-pathing.patch: Dropped. Test no longer exists.
  * d/p/skip-online-tests.patch: Rebased.
  * d/rules: Switch to pybuild and 'python3 -m sphinx'.

 -- Corey Bryant <corey.bryant@canonical.com>  Fri, 13 Dec 2019 16:59:07 -0500

python-pysaml2 (4.5.0+dfsg1-0ubuntu1) cosmic; urgency=medium

  [ Corey Bryant ]
  * d/gbp.conf: Update gbp configuration file.
  * d/control: Update Vcs-* links and maintainers.

  [ James Page ]
  * New upstream release for OpenStack Rocky:
    - d/p/CVE-*.patch: Drop, included in release.
    - d/p/disable-repoze.who-tests.patch,fix-test-41-response.patch,
      fix-tests.patch: Drop, no longer needed.
    - d/p/*: Refresh.
    - d/control: Add BD on python{3}-future.
  * d/copyright: Move global file wildcard to first paragraph.
  * d/control: Bumped Standards-Version to 4.2.0.
  * d/watch: Add dversionmangle for dfsg repack.

 -- James Page <james.page@ubuntu.com>  Tue, 14 Aug 2018 12:11:40 +0100

python-pysaml2 (4.0.2-0ubuntu3) bionic; urgency=medium

  * SECURITY UPDATE: Any password can be used if optimizations are enabled
    - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due
      to optimizations in src/saml2/authn.py.
    - CVE-2017-1000433
  * Add a fix patch for test_41_response
    - debian/patches/fix-test-41-response.patch

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Thu, 22 Feb 2018 11:20:28 -0300

python-pysaml2 (4.0.2-0ubuntu2) bionic; urgency=medium

  * d/p/skip-online-tests.patch: Skip misc tests that require open
    access to misc internet resources.

 -- James Page <james.page@ubuntu.com>  Wed, 15 Nov 2017 15:57:41 +0000

python-pysaml2 (4.0.2-0ubuntu1) bionic; urgency=medium

  * New upstream release.
  * d/rules,control: Add missing BD's on requests, defusedxml and
    mock, fix execution of unit tests under default py2/3.
  * d/p/fix-test-pathing.patch: Misc fixes for tests that fail due
    to expired test data and invalid relative pathing.

 -- James Page <james.page@ubuntu.com>  Wed, 15 Nov 2017 13:54:58 +0000

python-pysaml2 (3.0.0-3ubuntu2) artful; urgency=medium

  * SECURITY UPDATE: External Entity vulnerability
    - debian/patches/CVE-2016-10149.patch: fixes XXE issues in
      setupy.py, src/saml2/__init__.py, src/saml2/pack.py,
      src/saml2/soap.py, tests/test_03_saml2.py,
      tests/test_43_soap.py, tests/test_51_client.py.
    - CVE-2016-10149
  * Some tests fails in upstream test suite. Adding the
    corresponding fix.
    - debian/patches/fix-tests.patch

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Tue, 22 Aug 2017 17:37:33 -0300

python-pysaml2 (3.0.0-3ubuntu1) xenial; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/control: Drop runtime dependencies on python{,3}-repoze.who back
      to a Suggests, remove BD. Depend on pymongo 3.0 and higher.
    - debian/patches/disable-repoze.who-tests.patch: Skip hard requirement on
      repoze.who and dependent tests, as repoze.who is unmaintained and
      out-of-date in Debian and Ubuntu.

 -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@ubuntu.com>  Thu, 18 Feb 2016 12:53:50 +0100

python-pysaml2 (3.0.0-3) unstable; urgency=medium

  * override_dh_python3 to fix Py3 shebang.

 -- Thomas Goirand <zigo@debian.org>  Fri, 23 Oct 2015 23:48:31 +0000

python-pysaml2 (3.0.0-2) unstable; urgency=medium

  * Uploading to unstable.

 -- Thomas Goirand <zigo@debian.org>  Fri, 16 Oct 2015 10:34:56 +0000

python-pysaml2 (3.0.0-1) experimental; urgency=medium

  * New upstream release.
  * Added Python3 support.
  * Updated watch file to use github tag and not broken pypi.

 -- Thomas Goirand <zigo@debian.org>  Fri, 31 Jul 2015 08:47:57 +0000

python-pysaml2 (2.4.0-2) unstable; urgency=medium

  * Makes build reproducible thanks to Juan Picca (Closes: #789751).

 -- Thomas Goirand <zigo@debian.org>  Fri, 26 Jun 2015 15:41:09 +0200

python-pysaml2 (2.4.0-1) unstable; urgency=medium

  * New upstream release.
  * Dropped X-Python-Version: >= 2.7.
  * Standard-Versions: is now 3.9.6.
  * Also renames /usr/bin/merge_metadata.py as pysaml2-merge-metadata.

 -- Thomas Goirand <zigo@debian.org>  Fri, 15 May 2015 17:48:07 +0200

python-pysaml2 (2.4.0-0ubuntu2) wily; urgency=medium

  * debian/control:
    - Depend on python-pymongo versions 3.0 and higher
  * debian/patches/fix-build-against-new-pymongo.patch:
    - Cherry-pick fix pysaml2 with python-pymongo 3.0
  * debian/patches/fix-test-failures.patch:
    - Fix the newly failing test failures (LP: #1503698)

 -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@canonical.com>  Thu, 08 Oct 2015 20:16:42 +0200

python-pysaml2 (2.4.0-0ubuntu1) vivid; urgency=medium

  * New upstream release, supporting MIR for keystone (LP: #1434526):
    - d/control: Drop runtime dependency on python-repoze.who back to
      a Suggests, remove BD.
    - d/p/disable-repoze.who-tests.patch: Skip hard requirement on repoze.who
      and dependent tests, as repoze.who is unmaintained and out-of-date
      in Debian and Ubuntu.
    - d/p/*: Drop all previous patches, no longer required.

 -- James Page <james.page@ubuntu.com>  Mon, 23 Mar 2015 13:33:26 +0000

python-pysaml2 (2.2.0-0ubuntu2) vivid; urgency=medium

  * d/p/disable-online-tests.patch: Disable tests that require access to
    online resources.

 -- James Page <james.page@ubuntu.com>  Thu, 08 Jan 2015 11:54:09 +0000

python-pysaml2 (2.2.0-0ubuntu1) vivid; urgency=medium

  * New upstream release.
    - d/control: Add python-pymongo to BD's.
    - d/p/disable-failing-tests.patch: Disable two tests that currently
      fail in the upstream code base.
    - d/p/fix-error-tests.patch: Fixup problems with lack of full_path
      use in some test cases.
  * d/watch: Fix parsing of pypi urls.

 -- James Page <james.page@ubuntu.com>  Thu, 08 Jan 2015 11:43:42 +0000

python-pysaml2 (2.0.0-1) unstable; urgency=medium

  * Initial release. (Closes: #760824)

 -- Thomas Goirand <zigo@debian.org>  Mon, 08 Sep 2014 16:11:53 +0800

