From 6cb213e5f3a77f9fe05a9fa0b1bc2a35fcb3adf7 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Wed, 5 Jan 2011 11:41:46 +0100
Subject: [PATCH] =?UTF-8?q?[=C5=95elease]=20Add=20release=20notes,=20updat?=
=?UTF-8?q?e=20doap=20files=20and=20website?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
NEWS | 40 +++++++++++++++++++++++++++
lasso.doap | 4 +++
website/web/doap.rdf | 4 +++
website/web/index.xml | 6 ++--
website/web/news/19-release-2.3.5.xml | 17 ++++++++++++
5 files changed, 68 insertions(+), 3 deletions(-)
create mode 100644 website/web/news/19-release-2.3.5.xml
diff --git a/NEWS b/NEWS
index 790088ca..2b4cf509 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,46 @@
NEWS
====
+2.3.5 - January 11th 2010
+-------------------------
+
+36 commits, 31 files changed, 240 insertions, 92 deletions
+
+Generic:
+ * add more backward compatible replacement for GHashTable methods (to compile
+ under centos5)
+ * a generic way to attach encryption parameters to LassoNode has been added, a
+ future major release should see the removal of specific field for storing
+ those parameters in node supporting encryption.
+ * The way we format encrypted node is now more compatible with Shibboleth and
+ I hope with other implementations: the KeyInfo is kept inside the
+ EncryptedData element, and not repeated inside a child of the EncryptedElement.
+ * Fixed: LASSO_SIGNATURE_VERIFY_HINT_FORCE did not force checking signature on
+ messages
+ * Fixed: lasso_provider_get_first_http_method broke when an unknown binding
+ was found in an endpoint declaration
+
+SAMLv2:
+ * Fixed: segfault when checking signature on logout responses (introduced in 2.3.4)
+ * SPNameQualifier is more set on subject NameID of assertions, as it should be
+ reserved for Affiliation members (and it broke shibboleth which only expect
+ this to be used for affiliation, wrongly I think).
+ * Conditions->notBefore/notOnOrAfter is motre setted by
+ lasso_login_build_assertion, only notOnOrAfter on SubjectConfirmationData,
+ which is more inline with the specification.
+ * the logout profile now use the session to initialize the NameID in requests,
+ not the identity. It allow to have a transient federation in the session but
+ a persistent one in the identity
+ * fixed support for the POST binding
+ * Fixed: it seems that strtol does not reset errno under Centos 5, we do it by hand.
+
+Python binding:
+ * constructors now raise a lasso.Error instead of a simple Exception when failing
+
+PHP5 binding:
+ * removed dependency upon an internal function of liblasso3
+
+
2.3.4 - Otober 8th 2010
-----------------------
diff --git a/lasso.doap b/lasso.doap
index b1e171d0..0c04773b 100644
--- a/lasso.doap
+++ b/lasso.doap
@@ -61,6 +61,10 @@
+
+ 2011-01-05
+ 2.3.5
+
2010-10-13
2.3.4
diff --git a/website/web/doap.rdf b/website/web/doap.rdf
index b1e171d0..0c04773b 100644
--- a/website/web/doap.rdf
+++ b/website/web/doap.rdf
@@ -61,6 +61,10 @@
+
+ 2011-01-05
+ 2.3.5
+
2010-10-13
2.3.4
diff --git a/website/web/index.xml b/website/web/index.xml
index d3d65f5c..f0999be1 100644
--- a/website/web/index.xml
+++ b/website/web/index.xml
@@ -46,9 +46,9 @@
- The most recent version of Lasso is 2.3.4. You can
- download
- the 2.3.4 tarball here or get more options on the general 2.3.5. You can
+ download
+ the 2.3.5 tarball here or get more options on the general download page.
diff --git a/website/web/news/19-release-2.3.5.xml b/website/web/news/19-release-2.3.5.xml
new file mode 100644
index 00000000..70dea605
--- /dev/null
+++ b/website/web/news/19-release-2.3.5.xml
@@ -0,0 +1,17 @@
+
+
+
2010-10-13: Released 2.3.4
+
+
+ Lasso 2.3.5 have been released.
+ Download 2.3.5 now
+
+
+
+ What changed ?
+ Fix compilation bugs under Centos5 mainly in bindings. Fix segfault in logout
+ response handling. Improve compatibility with Shibboleth 2.0 (was tested
+ against IdP from the Frend academic network, the CRU).
+
+
+