[jira] [Commented] (CXF-5565) update to opensaml 2.6.1

Thu, 20 Feb 2014 00:00:08 -0800 

    [ 
https://issues.apache.org/jira/browse/CXF-5565?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13906730#comment-13906730
 ] 

Willem Jiang commented on CXF-5565:
-----------------------------------

I tried to upgrade the opensaml version in the 2.7.x-fixes branch by specify 
the opensaml version in the pom.xml,  I got some NPE test error in STS core and 
build error in STS system test. Do I miss something?
{code}
diff --git a/parent/pom.xml b/parent/pom.xml
index b4b6a11..43884e6 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -135,8 +135,8 @@
         <cxf.oauth.bundle.version>20100527_1</cxf.oauth.bundle.version>
         <cxf.opensaml.version>2.6.1</cxf.opensaml.version>
         <cxf.opensaml.osgi.version>2.6.1_1</cxf.opensaml.osgi.version>
-        
<cxf.opensaml.xmltooling.version>1.4.0_1</cxf.opensaml.xmltooling.version>
-        <cxf.opensamlws.version>1.5.0_1</cxf.opensamlws.version>
+        
<cxf.opensaml.xmltooling.version>1.3.2-1</cxf.opensaml.xmltooling.version>
+        <cxf.opensamlws.version>1.4.2-1</cxf.opensamlws.version>
         <cxf.rhino.version>1.7R2</cxf.rhino.version>
         <cxf.saaj-api.version>1.3.5</cxf.saaj-api.version>
         
<cxf.servlet-api.group>org.apache.geronimo.specs</cxf.servlet-api.group>
diff --git a/rt/security/pom.xml b/rt/security/pom.xml
index 9f97de1..3d4ffcf 100644
--- a/rt/security/pom.xml
+++ b/rt/security/pom.xml
@@ -60,6 +60,21 @@
             </exclusions>
        </dependency>
        <dependency>
+            <groupId>org.opensaml</groupId>
+            <artifactId>opensaml</artifactId>
+            <version>${cxf.opensaml.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.opensaml</groupId>
+            <artifactId>openws</artifactId>
+            <version>${cxf.opensamlws.version}</version>
+        </dependency>
+       <dependency>
+            <groupId>org.opensaml</groupId>
+            <artifactId>xmltooling</artifactId>
+            <version>${cxf.opensaml.xmltooling.version}</version>
+        </dependency>
+       <dependency>
            <groupId>commons-logging</groupId>
            <artifactId>commons-logging</artifactId>
        </dependency>
diff --git a/rt/ws/security/pom.xml b/rt/ws/security/pom.xml
index 7fdcae8..120ce8d 100644
--- a/rt/ws/security/pom.xml
+++ b/rt/ws/security/pom.xml
@@ -102,6 +102,21 @@
             </exclusions>
         </dependency>
         <dependency>
+            <groupId>org.opensaml</groupId>
+            <artifactId>opensaml</artifactId>
+            <version>${cxf.opensaml.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.opensaml</groupId>
+            <artifactId>openws</artifactId>
+            <version>${cxf.opensamlws.version}</version>
+        </dependency>
+       <dependency>
+            <groupId>org.opensaml</groupId>
+            <artifactId>xmltooling</artifactId>
+            <version>${cxf.opensaml.xmltooling.version}</version>
+        </dependency>
+        <dependency>
             <groupId>commons-logging</groupId>
             <artifactId>commons-logging</artifactId>
         </dependency>
{code}

> update to opensaml 2.6.1
> ------------------------
>
>                 Key: CXF-5565
>                 URL: https://issues.apache.org/jira/browse/CXF-5565
>             Project: CXF
>          Issue Type: Task
>            Reporter: Jonathan Anstey
>            Assignee: Willem Jiang
>         Attachments: CXF-5565.patch
>
>
> Fixes CVE-2013-6440. Waiting for SMX bundles release to complete first though.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to