Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

xml-security-2.1.7-bp155.2.65 RPM for noarch

From OpenSuSE Leap 15.5 for noarch

Name: xml-security Distribution: SUSE Linux Enterprise 15 SP5
Version: 2.1.7 Vendor: openSUSE
Release: bp155.2.65 Build date: Mon May 22 11:53:24 2023
Group: Development/Libraries/Java Build host: old-cirrus4
Size: 1144175 Source RPM: xml-security-2.1.7-bp155.2.65.src.rpm
Packager: https://bugs.opensuse.org
Url: https://santuario.apache.org/
Summary: Apache XML Security for Java
 
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.

Provides

Requires

License

Apache-2.0

Changelog

* Fri Dec 17 2021 Fridrich Strba <fstrba@suse.com>
  - Upgrade to version 2.1.7 (bsc#1193879, CVE-2021-40690)
  - Changes of 2.1.7
    * Improvement
      + [SANTUARIO-572] - Disallow a KeyInfoReference to refer to a
      RetrievalMethod
      + [SANTUARIO-577] - Introduce a system property to control if
      file/http references are allowed from an unsigned context
  - Changes of 2.1.6
    * Bug
      + [SANTUARIO-542] - SignatureProperties incorrectly gets sibling
      nodes of the parent element, instead of the child elements
      + [SANTUARIO-553] - JCE provider being resolved without key
      causes wrong provider to be selected
      + [SANTUARIO-556] - WeakHashMap cache cause infinite loop
  - Changes of 2.1.5
    * Bug
      + [SANTUARIO-508] - NPE in XMLSignatureInput
      + [SANTUARIO-512] - security-config.xml is out of date
      + [SANTUARIO-514] - XMLSignature processes KeyInfo elements
      twice
      + [SANTUARIO-515] - XMLSignature does not enforce structure of
      the ds:Signature element
      + [SANTUARIO-523] - XMLSecurityStreamReader ignores information
      in XML document declaration
      + [SANTUARIO-524] - Unable to pass Provider to HMAC
      SignatureMethod
      + [SANTUARIO-526] - XMLSecStartDocumentImpl returns null version
      instead of default "1.0"
  - Changes of 2.1.4
    * Fixes CVE-2019-12400: Apache Santuario potentially loads XML
      parsing code from an untrusted source.
    * Improvement
      + [SANTUARIO-507] - Deprecate WeakObjectPool DocumentBuilder
      cache
    * Task
      + [SANTUARIO-505] - Remove Doctypes from the streaming schemas
* Fri Jul 10 2020 Fridrich Strba <fstrba@suse.com>
  - Initial packaging of xml-security 2.1.3

Files

/usr/share/java/xml-security.jar
/usr/share/java/xmlsec.jar
/usr/share/licenses/xml-security
/usr/share/licenses/xml-security/LICENSE
/usr/share/licenses/xml-security/NOTICE
/usr/share/maven-metadata/xml-security.xml
/usr/share/maven-poms/xml-security.pom
/usr/share/maven-poms/xmlsec.pom

Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Feb 9 16:24:48 2026