lp:ubuntu/trusty/xml-security-c
- Get this branch:
- bzr branch lp:ubuntu/trusty/xml-security-c
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 13. By Russ Allbery
-
* Revert changes to add symbols file. Due to churn in weak symbols for
inlined functions, it doesn't appear maintainanable with existing
tools, and for this library the shlibs behavior seems sufficient.
* Minor update to the format of the debian/copyright file. - 11. By Russ Allbery
-
* Urgency high for security fix.
* New upstream release.
- DSIGObject::load method crashes for ds:Object without Id attribute
- Buffer overflow when signing or verifying files with big asymmetric
keys (Closes: #632973, CVE-2011-2516)
- Memory bug inside XENCCipherImpl::deSerialise
- Function cleanURIEscapes always throws XSECException, when any
escape sequence occurs
- Function isHexDigit doesn't recognize invalid escape sequences
- Percent-encoded multibyte (UTF-8) sequences unrecognized
- RSA-OAEP handler only allows SHA-1 digests
* Update debian/watch for the new organization of Apache downloads. - 10. By Russ Allbery
-
* Force build dependency on libssl-dev 1.0 or later for consistent build
results. If some Shibboleth-related libraries are built against
earlier versions of libssl, it produces linking failures when building
the Shibboleth SP package.
* Remove Makefile.in on debian/rules clean since we regenerate these
files by running Automake during the build.
* Update standards version to 3.9.2 (no changes required). - 9. By Russ Allbery
-
* New upstream releaes.
- Expose algorithm URI on Signature and Reference objects
- White/blacklisting of otherwise registered algorithms
- Allow selected XML Signature 1.1 KeyInfo extensions
- Add elliptic curve keys and signatures via ECDSA
- Support debugging of Reference/SignedInfo data
- Add methods for Reference removal to DSIGSignature and
DSIGSignedInfo classes
- Lots of various bug fixes
* Add build dependency on pkg-config, which upstream now uses to find
the SSL libraries.
* Remove --with-xerces from the configure flags, since "yes" is
interpreted as a path to libraries and headers.
* Remove unnecessary --with-openssl from configure flags.
* Update to debhelper compatibility level V8.
- Use the autotools-dev debhelper module for config.{sub,guess}.
- Use debhelper rule minimization.
- Move files to clean into a separate clean control file.
* Use autoreconf instead of running the tools separately.
* Update package home page for new upstream location.
* Update package long description for the new official upstream name.
* Update debian/copyright to the current DEP-5 specification.
* Install the upstream NOTICE.txt file.
* Change to Debian source format 3.0 (quilt). Force a single Debian
patch for simplicity since the packaging is maintained in Git using
branches, and include a patch header explaining why.
* debian/watch fixes for upstream distribution and versioning.
- Mangle a tilde into upstream rc version numbers.
- Update the upstream distribution URL.
- Avoid matching signature and checksum files.
* Update standards version to 3.9.1 (no changes required). - 8. By Russ Allbery
-
* Force source format 1.0 for now since it makes backporting easier.
* Add ${misc:Depends} to all package dependencies.
* Update debhelper compatibility level to V7.
- Use dh_prep instead of dh_clean -k.
* Update standards version to 3.8.4 (no changes required). - 6. By Russ Allbery
-
Fix the dependencies of libxml-
security- c-dev to depend on Xerces-C
3.x and stop depending on Xalan, reflecting the changes to the library
build. - 5. By Russ Allbery
-
* New upstream release.
- Rename library package for upstream SONAME bump.
* Upstream now ships an older version of libtool, so run libtoolize and
aclocal before the build. Add build dependencies on automake and
libtool.
* Build against Xerces-C 3.0.
* Stop building against Xalan. The Xalan packages for Debian have been
orphaned, the current Xalan release does not support Xerces-C 3.0, and
porting it is not trivial. - 4. By Russ Allbery
-
* CVE-2009-0217: Apply upstream patch to sanity-check the HMAC
truncation length. Closes a vulnerability that could allow an
attacker to spoof HMAC-based signatures and bypass authentication.
* Remove duplicate section for libxml-security- c14.
* Update standards version to 3.8.2 (no changes required).
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/utopic/xml-security-c