Log Message:
Release Notes - Shibboleth SP - C++ - Version 2.4.2

** Bug
    * [SSPCPP-346] - WAYF discovery session initiation ends with error "basic_st
ring::_S_construct NULL not valid"
    * [SSPCPP-354] - Installers for 2.4.2 are installing the wrong config file

** Improvement
    * [SSPCPP-347] - --with-xmlsec is not taken into account for test xmltooling
 version in SP build

Release Notes - Shibboleth SP - C++ - Version 2.4.1

** Bug
    * [SSPCPP-325] - ShibAccessControl requires ShibRequireAll to work 
    * [SSPCPP-327] - Cache timeout calculation has a hole in the event no Sessio
ns properties are found
    * [SSPCPP-328] - Session cache applies wrong cache timeout value
    * [SSPCPP-329] - Storage-backed relay state value range is insufficient for 
high loads
    * [SSPCPP-334] - Use of <Query> in RequestMap causes POST data to be lost

** Improvement
    * [SSPCPP-338] - RedHat Repository distribution tag

Release Notes - Shibboleth SP - C++ - Version 2.4

** Bug
    * [SSPCPP-106] - Security issue with keygen.sh
    * [SSPCPP-271] - SAML 2 logout with non-supporting IdP should pass control t
o Local handler
    * [SSPCPP-272] - shibd removes the pidfile even if it didn't create it
    * [SSPCPP-274] - isPassive option would break non-SAML2 Initiator handlers
    * [SSPCPP-277] - Bursty traffic exhausts thread resource limits
    * [SSPCPP-279] - mod_shib crashes apache on child initialization
    * [SSPCPP-282] - SAML 2 logout handler doesn't support dedicated policyId pr
operty
    * [SSPCPP-288] - Metadata handler should generate both validUntil and cacheD
uration
    * [SSPCPP-303] - Content settings not applied when using SAMLDS SessionIniti
ator
    * [SSPCPP-305] - Logout redirection fails when 'return' parameter is supplie
d as part of the logout URL
    * [SSPCPP-306] - Segfault on invalid configuration
    * [SSPCPP-309] - fetched ODBC data is misinterpreted on (some) x86_64 system
s
    * [SSPCPP-310] - Default deny policy in attribute-policy.xml does not work
    * [SSPCPP-311] - Logging of NameID values > 255 characters is truncated
    * [SSPCPP-314] - Negating access control rules not working
    * [SSPCPP-318] - Manifest Hell with mod_shib on windows
    * [SSPCPP-321] - Unexpected behaviour of specified - but missing - filter pl
ugin

** Improvement
    * [SSPCPP-74] - Simplified configuration mechanism
    * [SSPCPP-195] - Web server module can build incorrect XML messages which sh
ibd then fails to parse
    * [SSPCPP-210] - If possible, allow inheritance of RelyingParty definitions 
in ApplicationOverride
    * [SSPCPP-213] - Simple Attribute aggregation testing and improvement sugges
tions
    * [SSPCPP-222] - Status handler could provide more information
    * [SSPCPP-254] - New endpoint to produce JSON data used by new Discovery Ser
vice
    * [SSPCPP-275] - Autogenerated metadata / make the EntityDescriptor/ID stabl
e
    * [SSPCPP-276] - Isolate schema files in a versioned directory
    * [SSPCPP-278] - Return 403 on access failures even with templates
    * [SSPCPP-284] - Give dynamic metadata plugin ability to regex-transform ent
ityID into a URL
    * [SSPCPP-285] - Use the non-blocking mode of the libmemcached library for b
etter performance
    * [SSPCPP-287] - Support for multibyte request paths
    * [SSPCPP-289] - Add option to session cache to avoid storing complete asser
tions
    * [SSPCPP-293] - Externalize security policy config and add plugin interface
 for it
    * [SSPCPP-297] - Metadata Fetch with a UserAgent String
    * [SSPCPP-298] - Support MDX-style artifact lookup in dynamic MD plugin
    * [SSPCPP-299] - Provide option for carrying session/storage service key in 
HTTP header
    * [SSPCPP-300] - Admit defeat and support "unspecified" NameFormat \ 
without s
pecial config
    * [SSPCPP-302] - Override listener details using environment/etc to allow fo
r shared config
    * [SSPCPP-313] - Add error information to attribute ResolutionContext

** New Feature
    * [SSPCPP-263] - Hard code target value in session
    * [SSPCPP-273] - Allow restrictions on signing/digest algorithms to accept.
    * [SSPCPP-280] -  RFE: Load sysconfig file from init.d script.
    * [SSPCPP-281] - RFE:  Support for -o and -u on keygen.sh script.
    * [SSPCPP-301] - Request for adding the SessionIndex of an AuthnStatement to
 the Environment Variables/Request Headers
    * [SSPCPP-304] - Support for metadata extensions for algorithm support.
    * [SSPCPP-312] - New extension for decoding base64 encoded attributes
    * [SSPCPP-315] - Outsource XMLAccess Control file to external file for use i
n Apache config
    * [SSPCPP-320] - Support explicit filtering of NameID by qualifiers
    * [SSPCPP-324] - Add a function that can convert published attribute value t
o url-encoded string before exported to headers in ISAPI SP