| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: xml-security | Distribution: openSUSE Tumbleweed |
| Version: 2.1.7 | Vendor: openSUSE |
| Release: 5.4 | Build date: Tue Sep 19 13:30:52 2023 |
| Group: Development/Libraries/Java | Build host: reproducible |
| Size: 1155722 | Source RPM: xml-security-2.1.7-5.4.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://santuario.apache.org/ | |
| Summary: Apache XML Security for Java | |
Apache XML Security for Java supports XML-Signature Syntax and Processing, W3C Recommendation 12 February 2002, and XML Encryption Syntax and Processing, W3C Recommendation 10 December 2002. As of version 1.4, the library supports the standard Java API JSR-105: XML Digital Signature APIs.
Apache-2.0
* Tue Sep 19 2023 Fridrich Strba <fstrba@suse.com>
- Do not require maven-javadoc-plugin that we don't use
* Mon Sep 11 2023 Fridrich Strba <fstrba@suse.com>
- Reproducible builds: use SOURCE_DATE_EPOCH for timestamp
* Wed Mar 30 2022 Fridrich Strba <fstrba@suse.com>
- Build against the standalone JavaEE modules inconditionally
* Fri Mar 18 2022 Fridrich Strba <fstrba@suse.com>
- Build against a standalone jaxb-api artifact on systems where the
JDK does not include the JavaEE modules
* Fri Dec 17 2021 Fridrich Strba <fstrba@suse.com>
- Upgrade to version 2.1.7 (bsc#1193879, CVE-2021-40690)
- Changes of 2.1.7
* Improvement
+ [SANTUARIO-572] - Disallow a KeyInfoReference to refer to a
RetrievalMethod
+ [SANTUARIO-577] - Introduce a system property to control if
file/http references are allowed from an unsigned context
- Changes of 2.1.6
* Bug
+ [SANTUARIO-542] - SignatureProperties incorrectly gets sibling
nodes of the parent element, instead of the child elements
+ [SANTUARIO-553] - JCE provider being resolved without key
causes wrong provider to be selected
+ [SANTUARIO-556] - WeakHashMap cache cause infinite loop
- Changes of 2.1.5
* Bug
+ [SANTUARIO-508] - NPE in XMLSignatureInput
+ [SANTUARIO-512] - security-config.xml is out of date
+ [SANTUARIO-514] - XMLSignature processes KeyInfo elements
twice
+ [SANTUARIO-515] - XMLSignature does not enforce structure of
the ds:Signature element
+ [SANTUARIO-523] - XMLSecurityStreamReader ignores information
in XML document declaration
+ [SANTUARIO-524] - Unable to pass Provider to HMAC
SignatureMethod
+ [SANTUARIO-526] - XMLSecStartDocumentImpl returns null version
instead of default "1.0"
- Changes of 2.1.4
* Fixes CVE-2019-12400: Apache Santuario potentially loads XML
parsing code from an untrusted source.
* Improvement
+ [SANTUARIO-507] - Deprecate WeakObjectPool DocumentBuilder
cache
* Task
+ [SANTUARIO-505] - Remove Doctypes from the streaming schemas
* Fri Jul 10 2020 Fridrich Strba <fstrba@suse.com>
- Initial packaging of xml-security 2.1.3
/usr/share/java/xml-security.jar /usr/share/java/xmlsec.jar /usr/share/licenses/xml-security /usr/share/licenses/xml-security/LICENSE /usr/share/licenses/xml-security/NOTICE /usr/share/maven-metadata/xml-security.xml /usr/share/maven-poms/xml-security.pom /usr/share/maven-poms/xmlsec.pom
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 30 23:23:08 2024