lp:ubuntu/precise/xml-security-c

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/precise/xml-security-c

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

12. By Ilya Barygin

No-change rebuild for libssl0.9.8 -> libssl1.0.0 transition.

11. By Russ Allbery

* Urgency high for security fix.
* New upstream release.
  - DSIGObject::load method crashes for ds:Object without Id attribute
  - Buffer overflow when signing or verifying files with big asymmetric
    keys (Closes: #632973, CVE-2011-2516)
  - Memory bug inside XENCCipherImpl::deSerialise
  - Function cleanURIEscapes always throws XSECException, when any
    escape sequence occurs
  - Function isHexDigit doesn't recognize invalid escape sequences
  - Percent-encoded multibyte (UTF-8) sequences unrecognized
  - RSA-OAEP handler only allows SHA-1 digests
* Update debian/watch for the new organization of Apache downloads.

10. By Russ Allbery

* Force build dependency on libssl-dev 1.0 or later for consistent build
  results. If some Shibboleth-related libraries are built against
  earlier versions of libssl, it produces linking failures when building
  the Shibboleth SP package.
* Remove Makefile.in on debian/rules clean since we regenerate these
  files by running Automake during the build.
* Update standards version to 3.9.2 (no changes required).

9. By Russ Allbery

* New upstream release.
  - Expose algorithm URI on Signature and Reference objects
  - White/blacklisting of otherwise registered algorithms
  - Allow selected XML Signature 1.1 KeyInfo extensions
  - Add elliptic curve keys and signatures via ECDSA
  - Support debugging of Reference/SignedInfo data
  - Add methods for Reference removal to DSIGSignature and
    DSIGSignedInfo classes
  - Lots of various bug fixes
* Add build dependency on pkg-config, which upstream now uses to find
  the SSL libraries.
* Remove --with-xerces from the configure flags, since "yes" is
  interpreted as a path to libraries and headers.
* Remove unnecessary --with-openssl from configure flags.
* Update to debhelper compatibility level V8.
  - Use the autotools-dev debhelper module for config.{sub,guess}.
  - Use debhelper rule minimization.
  - Move files to clean into a separate clean control file.
* Use autoreconf instead of running the tools separately.
* Update package home page for new upstream location.
* Update package long description for the new official upstream name.
* Update debian/copyright to the current DEP-5 specification.
* Install the upstream NOTICE.txt file.
* Change to Debian source format 3.0 (quilt). Force a single Debian
  patch for simplicity since the packaging is maintained in Git using
  branches, and include a patch header explaining why.
* debian/watch fixes for upstream distribution and versioning.
  - Mangle a tilde into upstream rc version numbers.
  - Update the upstream distribution URL.
  - Avoid matching signature and checksum files.
* Update standards version to 3.9.1 (no changes required).

8. By Russ Allbery

* Force source format 1.0 for now since it makes backporting easier.
* Add ${misc:Depends} to all package dependencies.
* Update debhelper compatibility level to V7.
  - Use dh_prep instead of dh_clean -k.
* Update standards version to 3.8.4 (no changes required).

7. By Ilya Barygin

No-change rebuild for libxerces-c3.0 -> libxerces-c3.1 transition.

6. By Russ Allbery

Fix the dependencies of libxml-security-c-dev to depend on Xerces-C
3.x and stop depending on Xalan, reflecting the changes to the library
build.

5. By Russ Allbery

* New upstream release.
  - Rename library package for upstream SONAME bump.
* Upstream now ships an older version of libtool, so run libtoolize and
  aclocal before the build. Add build dependencies on automake and
  libtool.
* Build against Xerces-C 3.0.
* Stop building against Xalan. The Xalan packages for Debian have been
  orphaned, the current Xalan release does not support Xerces-C 3.0, and
  porting it is not trivial.

4. By Russ Allbery

* CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
  truncation length. Closes a vulnerability that could allow an
  attacker to spoof HMAC-based signatures and bypass authentication.
* Remove duplicate section for libxml-security-c14.
* Update standards version to 3.8.2 (no changes required).

3. By Russ Allbery

Drop the suggests of libxml-security-c-doc since upstream no longer
includes the documentation.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/quantal/xml-security-c
This branch contains Public information 
Everyone can see this information.