Merge pull request #226 from OpenConext/feature/cve-2019-3465-r16

Upgrade xmlseclibs to version 3.0.4
OpenConext · Nov 7, 2019 · 91b9388 · 91b9388
2 parents 32eb467 + d6ce631
commit 91b9388
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 12 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -36,3 +36,8 @@ branches:
     - master
     - develop
     - release/2.10
+
+addons:
+  apt:
+    packages:
+      - ant
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,11 +1,10 @@
 # Changelog
 
 ## 2.10.8
-**Improvement**
-* Install security updates
-
-# 2.10.7
+This is a security release that will harden the application against CVE 2019-346
+ * Upgrade xmlseclibs to version 3.0.4 #226 
 
+## 2.10.7
 **Features**
 * Allow filtering the RA candidate on institute #201
 * Add search support on the RA management page #200

diff --git a/composer.lock b/composer.lock
-Original file line number
+Diff line change
@@ Expand Up / @@ -36,3 +36,8 @@ branches: @@
         - master
         - develop
         - release/2.10
+    addons:
+      apt:
+        packages:
+          - ant