Debian Linux Security Advisory 1895-2 – In DSA-1895-1, the xmltooling package was updated to address several security issues. It turns out that the change related to SAML metadata processing for key constraints caused problems when applied without the matching changes in the opensaml2 and shibboleth-sp2 packages.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/81933/dsa-1895-2.txt
Source: https://packetstormsecurity.com/files/81933/Debian-Linux-Security-Advisory-1895-2.html