lp:ubuntu/trusty/xml-security-c

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/trusty/xml-security-c

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

13. By Russ Allbery

* Revert changes to add symbols file. Due to churn in weak symbols for
  inlined functions, it doesn't appear maintainable with existing
  tools, and for this library the shlibs behavior seems sufficient.
* Minor update to the format of the debian/copyright file.

12. By Ilya Barygin

No-change rebuild for libssl0.9.8 -> libssl1.0.0 transition.

11. By Russ Allbery

* Urgency high for security fix.
* New upstream release.
  - DSIGObject::load method crashes for ds:Object without Id attribute
  - Buffer overflow when signing or verifying files with big asymmetric
    keys (Closes: #632973, CVE-2011-2516)
  - Memory bug inside XENCCipherImpl::deSerialise
  - Function cleanURIEscapes always throws XSECException, when any
    escape sequence occurs
  - Function isHexDigit doesn't recognize invalid escape sequences
  - Percent-encoded multibyte (UTF-8) sequences unrecognized
  - RSA-OAEP handler only allows SHA-1 digests
* Update debian/watch for the new organization of Apache downloads.

10. By Russ Allbery

* Force build dependency on libssl-dev 1.0 or later for consistent build
  results. If some Shibboleth-related libraries are built against
  earlier versions of libssl, it produces linking failures when building
  the Shibboleth SP package.
* Remove Makefile.in on debian/rules clean since we regenerate these
  files by running Automake during the build.
* Update standards version to 3.9.2 (no changes required).

9. By Russ Allbery

* New upstream release.
  - Expose algorithm URI on Signature and Reference objects
  - White/blacklisting of otherwise registered algorithms
  - Allow selected XML Signature 1.1 KeyInfo extensions
  - Add elliptic curve keys and signatures via ECDSA
  - Support debugging of Reference/SignedInfo data
  - Add methods for Reference removal to DSIGSignature and
    DSIGSignedInfo classes
  - Lots of various bug fixes
* Add build dependency on pkg-config, which upstream now uses to find
  the SSL libraries.
* Remove --with-xerces from the configure flags, since "yes" is
  interpreted as a path to libraries and headers.
* Remove unnecessary --with-openssl from configure flags.
* Update to debhelper compatibility level V8.
  - Use the autotools-dev debhelper module for config.{sub,guess}.
  - Use debhelper rule minimization.
  - Move files to clean into a separate clean control file.
* Use autoreconf instead of running the tools separately.
* Update package home page for new upstream location.
* Update package long description for the new official upstream name.
* Update debian/copyright to the current DEP-5 specification.
* Install the upstream NOTICE.txt file.
* Change to Debian source format 3.0 (quilt). Force a single Debian
  patch for simplicity since the packaging is maintained in Git using
  branches, and include a patch header explaining why.
* debian/watch fixes for upstream distribution and versioning.
  - Mangle a tilde into upstream rc version numbers.
  - Update the upstream distribution URL.
  - Avoid matching signature and checksum files.
* Update standards version to 3.9.1 (no changes required).

8. By Russ Allbery

* Force source format 1.0 for now since it makes backporting easier.
* Add ${misc:Depends} to all package dependencies.
* Update debhelper compatibility level to V7.
  - Use dh_prep instead of dh_clean -k.
* Update standards version to 3.8.4 (no changes required).

7. By Ilya Barygin

No-change rebuild for libxerces-c3.0 -> libxerces-c3.1 transition.

6. By Russ Allbery

Fix the dependencies of libxml-security-c-dev to depend on Xerces-C
3.x and stop depending on Xalan, reflecting the changes to the library
build.

5. By Russ Allbery

* New upstream release.
  - Rename library package for upstream SONAME bump.
* Upstream now ships an older version of libtool, so run libtoolize and
  aclocal before the build. Add build dependencies on automake and
  libtool.
* Build against Xerces-C 3.0.
* Stop building against Xalan. The Xalan packages for Debian have been
  orphaned, the current Xalan release does not support Xerces-C 3.0, and
  porting it is not trivial.

4. By Russ Allbery

* CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
  truncation length. Closes a vulnerability that could allow an
  attacker to spoof HMAC-based signatures and bypass authentication.
* Remove duplicate section for libxml-security-c14.
* Update standards version to 3.8.2 (no changes required).

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/utopic/xml-security-c