lp:ubuntu/raring/xmltooling
- Get this branch:
- bzr branch lp:ubuntu/raring/xmltooling
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 14. By Russ Allbery
-
* Revert changes to add symbols file. Due to churn in weak symbols for
inlined functions, it doesn't appear maintainanable with existing
tools, and for this library the shlibs behavior seems sufficient.
* Update Autotools build files via dh_autoreconf.
* Force linking with -lpthread, working around a bug in libtool that
drops the linkage because it uses -nostdlib. See #468555. - 13. By Russ Allbery
-
* New upstream release.
- Fix use attribute in shorthand file CredentialResolver
- Fix handling of SOAP 1.1 fault package
- Make library init routines idempotent
* Make removal of the Doxygen-installed jquery.js file conditional on
its existence, since some versions of Doxygen don't install it.
* Update debian/watch for the new upstream distribution location. - 11. By Russ Allbery
-
* Add explicit build dependency on libssl-dev, which is used directly by
this package, and force build dependency on libssl-dev 1.0 or later
for consistent build results. If some Shibboleth-related libraries
are built against earlier versions of libssl, it produces linking
failures when building the Shibboleth SP package.
* Update standards version to 3.9.2 (no changes required). - 10. By Michael Bienia
-
configure, configure.ac:
Use LIBS instead of LDFLAGS for log4cpp libs (Closes: #606486). - 9. By Russ Allbery
-
* Force source format 1.0 for now since it makes backporting easier.
* Add ${misc:Depends} to all package dependencies.
* Update standards version to 3.8.4 (no changes required). - 7. By Russ Allbery
-
* New upstream release.
- Allow the empty string in assignment to DateTime members.
- Allow configuration to not extract local credential names for
matching purposes. - 6. By Russ Allbery
-
* Urgency set to high for security fix.
* New upstream release.
- SECURITY: Partial fix for improper handling of URLs that could be
abused for script injection and other cross-site scripting attacks.
The complete fix also requires newer opensaml2 and shibboleth-sp2
packages. (CVE-2009-3300)
- Add setter for KeyInfoResolver object.
- Fix extraction of cert info for UTF-8 handling changes.
- Fix passing of TransportOption configuration to cURL.
- Fix instability in reusing a DOM after signing it.
- Remove xmlns:xml namespace declaration when marshalling and
unmarshalling to avoid canonicalization bugs.
* Rename library package for upstream SONAME bump.
* Build-depend on libxml-security- c-dev 1.5 or later and make
libxmltooling-dev depend on libxml-security- c-dev 1.5 or later to
ensure that all builds are consistent. Although this package will
build with 1.4, the other packages built on xmltooling require 1.5. - 5. By Russ Allbery
-
* Urgency set to high for security fix.
* New upstream release.
- SECURITY: Fix potential buffer overflows and reuses of freed objects
in error handling code paths with invalid XML or with malformed
URLs. See the upstream security advisory at
http://shibboleth. internet2. edu/secadv/ secadv_ 20090826. txt
- Fix other validation issues with malformed objects.
- Fix for accessing the resolution context, which affects the ability
of callers to restrict keys based on use attributes.
- Fix encoding of backup metadata.
* Update debhelper compatibility level to V7.
- Use dh_prep instead of dh_clean -k.
* Update standards version to 3.8.3 (no changes required).
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/saucy/xmltooling