Tags

xml-security-c Debian release 3.0.0-2

Format: 1.8
Date: Sat, 11 Jan 2025 16:23:48 +0100
Source: xml-security-c
Architecture: source
Version: 3.0.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Changes:
 xml-security-c (3.0.0-2) unstable; urgency=medium
 .
   * [f89c205] Remove Etienne from Uploaders.
     Thanks for your help, Etienne, and best of luck with your future
     endeavours!
   * Upload to unstable
Checksums-Sha1:
 ca7e6c463805227ff80712176c61dc73c8f604ba 2490 xml-security-c_3.0.0-2.dsc
 385af73329597cb30607fdd3546c83f6ae385152 17836 xml-security-c_3.0.0-2.debian.tar.xz
 06f84dd2247f939e33b93d12146f820eaf071334 8251 xml-security-c_3.0.0-2_amd64.buildinfo
Checksums-Sha256:
 3ed2142b33883703cdb7f5249802072031a0f16a21e8ec5b05bce73885acf445 2490 xml-security-c_3.0.0-2.dsc
 24aef5d74fc17919edbeb36c9e909ba416a9ffebbe8508e0223c60e1f76bcd77 17836 xml-security-c_3.0.0-2.debian.tar.xz
 6ad54374d5d073c3366e14af87504a55742db0cac3c6bf49f1a45ffec527796c 8251 xml-security-c_3.0.0-2_amd64.buildinfo
Files:
 0e3acdad14e7fdc2b9453ac1eff12b86 2490 libs optional xml-security-c_3.0.0-2.dsc
 acc5ed486d01471aa9c6f181e01a6e90 17836 libs optional xml-security-c_3.0.0-2.debian.tar.xz
 c3c4e3f4dd69eed451bf9ba1eca0e560 8251 libs optional xml-security-c_3.0.0-2_amd64.buildinfo

xml-security-c Debian release 3.0.0-1

Format: 1.8
Date: Sat, 14 Dec 2024 23:16:20 +0100
Source: xml-security-c
Binary: libxml-security-c-dev libxml-security-c30 libxml-security-c30-dbgsym xml-security-c-utils xml-security-c-utils-dbgsym
Architecture: source amd64
Version: 3.0.0-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c30 - C++ library for XML Digital Signatures (runtime)
 xml-security-c-utils - C++ library for XML Digital Signatures (utilities)
Changes:
 xml-security-c (3.0.0-1) experimental; urgency=medium
 .
   * [84425cf] Point uscan to new download location
   * [5ae9828] New upstream version: 3.0.0
   * [ce0d700] This library was retired by Apache.
     We continue packaging its Shibboleth fork.
   * [dee53f3] Upstream dropped Xalan support
   * [6fa162b] Upstream dropped XKMS support
   * [030e8e9] Adjust library package name to the new SO version
   * [445b6e7] pkgconf superseded pkg-config
   * [47047e3] Update Standards-Version to 4.7.0 (no changes required)
   * [e6ed70c] Update copyright years for packaging
   * [779c224] New patch: Provide the Xerces URI Resolver for the tests
Checksums-Sha1:
 cad679203b91dec5ea7f4ea6ae7725e13547dbe7 2545 xml-security-c_3.0.0-1.dsc
 f447a812ad0d81f9568e7fb8ac450ffa7612d29c 567113 xml-security-c_3.0.0.orig.tar.bz2
 7992d0405ec3019b0ac3a155d500135a1b20b700 833 xml-security-c_3.0.0.orig.tar.bz2.asc
 9e97b9382920a83827bc3328e2c6261a51a5466f 17768 xml-security-c_3.0.0-1.debian.tar.xz
 a315718e0dcf4e059d9fbd95cdff438352ad6717 76188 libxml-security-c-dev_3.0.0-1_amd64.deb
 fa00208b6ed282eb0df5239f0ccd7f87bf7e61f8 1202028 libxml-security-c30-dbgsym_3.0.0-1_amd64.deb
 23e1ea87a7db7a2328383cb727dc82f6804dacac 183056 libxml-security-c30_3.0.0-1_amd64.deb
 d9a350fdf9ee354a3d965494e1c6980d05cf162c 429408 xml-security-c-utils-dbgsym_3.0.0-1_amd64.deb
 e41cde90f5b9d012e0f036c4aba36a06504c056c 85936 xml-security-c-utils_3.0.0-1_amd64.deb
 ef22a3da0da1da3bad0bfba9a0f99664752bba68 8316 xml-security-c_3.0.0-1_amd64.buildinfo
Checksums-Sha256:
 f59f0fad567f7e0d3b5912228e15edd8261a2704a23841d3175e6202aa58b308 2545 xml-security-c_3.0.0-1.dsc
 a4c9e1ae3ed3e8dab5d82f4dbdb8414bcbd0199a562ad66cd7c0cd750804ff32 567113 xml-security-c_3.0.0.orig.tar.bz2
 cdb29686301eb384ab3cc1ec0f7ba5c2699cab8558be19398307730cfe4466ed 833 xml-security-c_3.0.0.orig.tar.bz2.asc
 69add345ba2767e4d073523a5934b01efac3f62fa8495b45c4c8d7a7f3ed61ec 17768 xml-security-c_3.0.0-1.debian.tar.xz
 9760521bc449cc48ea5fc48bf12f36757dbf3aa7c49fb9557544415043fefb25 76188 libxml-security-c-dev_3.0.0-1_amd64.deb
 289f272ddc53b41b4389211bfbc64a3a719d564da6ac481d102a972fa7593aba 1202028 libxml-security-c30-dbgsym_3.0.0-1_amd64.deb
 92015f5c6968be16218834b977a1edfa45ad9356e83d49e449cf2a272a3dea2d 183056 libxml-security-c30_3.0.0-1_amd64.deb
 722bb54abaa179ae26e9bdcdb85e2f6c8260f5df3cf44d4129321d869811f507 429408 xml-security-c-utils-dbgsym_3.0.0-1_amd64.deb
 b6c61516f51e988d257abef40901b73bf1156c985a6df028bd6385ff48e6f804 85936 xml-security-c-utils_3.0.0-1_amd64.deb
 5fba14dd24bf9eb11bc2f4a806d8589e25d7d98bca28c94cc86e6d21ea8a0195 8316 xml-security-c_3.0.0-1_amd64.buildinfo
Files:
 10ad9e782906222767f90611e2f85e91 2545 libs optional xml-security-c_3.0.0-1.dsc
 c69d25be4abbc05b6864f22bb5141f1f 567113 libs optional xml-security-c_3.0.0.orig.tar.bz2
 cb4cbe7063a55be42c024f5907434ec4 833 libs optional xml-security-c_3.0.0.orig.tar.bz2.asc
 8c31d42ca61a757030eef54bcee058e9 17768 libs optional xml-security-c_3.0.0-1.debian.tar.xz
 1325162b26b588c6b65c4ecd4231d254 76188 libdevel optional libxml-security-c-dev_3.0.0-1_amd64.deb
 3903b810ca321ef6567da41dddc19d2c 1202028 debug optional libxml-security-c30-dbgsym_3.0.0-1_amd64.deb
 58bfe127497a3f28da64ca4a6df12bfa 183056 libs optional libxml-security-c30_3.0.0-1_amd64.deb
 3792bb331409a6a346b6676cf4189296 429408 debug optional xml-security-c-utils-dbgsym_3.0.0-1_amd64.deb
 f5f9f14a8112a79308134013a0dd38ca 85936 utils optional xml-security-c-utils_3.0.0-1_amd64.deb
 600c9ac9a0c81bbbce3391b40b8b23a7 8316 libs optional xml-security-c_3.0.0-1_amd64.buildinfo

Upstream version 3.0.0

Tagging 3.0.0 release.

xml-security-c Debian release 2.0.4-2

Format: 1.8
Date: Sat, 07 Jan 2023 19:04:53 +0100
Source: xml-security-c
Architecture: source
Version: 2.0.4-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Changes:
 xml-security-c (2.0.4-2) unstable; urgency=medium
 .
   * [b474d78] Revert "Enable XPath/XSLT support via Xalan"
     Upstream strongly recommends building without Xalan support to reduce
     the attack surface of Shibboleth installations, because Xalan is
     dead upstream and pulling it in carries a considerable risk.  The
     Shibboleth stack is the only known consumer of the xml-security-c
     library in Debian, so we follow upstream's recommendation.
   * [96a3e92] Update Standards-Version to 4.6.2 (no changes required)
   * [c251283] Since version 2.0.3 --disable-static is the upstream default
   * [4fbcaf5] Update debian/* copyright year
Checksums-Sha1:
 f9d807508674c01f592716ca580db507e9d178cf 2589 xml-security-c_2.0.4-2.dsc
 7c1abea486cbb5a2d2d07d79a9e4d681f087a8d6 17116 xml-security-c_2.0.4-2.debian.tar.xz
 8153069e8cfe0bcbc9b9d2d033edd905c4564a48 8071 xml-security-c_2.0.4-2_amd64.buildinfo
Checksums-Sha256:
 29dca188dbb638f391b161e2961f11ab9cb6fe96cb41cfaa6f065d9f91faff8b 2589 xml-security-c_2.0.4-2.dsc
 87a8394d52f43989aaa02f4a87fc318241d9e85c5e9379201f071215bb5d51c4 17116 xml-security-c_2.0.4-2.debian.tar.xz
 4f15564227f190600de49baf67795b5c96ada3bea0dedae4cd147d4652eee3cf 8071 xml-security-c_2.0.4-2_amd64.buildinfo
Files:
 d79563e47d72d5754102beb6babd8c2a 2589 libs optional xml-security-c_2.0.4-2.dsc
 0e32fadb3f7c0c82896054b8849945f8 17116 libs optional xml-security-c_2.0.4-2.debian.tar.xz
 8c6cf5760a704bbe61f085426a596b02 8071 libs optional xml-security-c_2.0.4-2_amd64.buildinfo

xml-security-c Debian release 2.0.4-1

Format: 1.8
Date: Sun, 07 Nov 2021 23:01:58 +0100
Source: xml-security-c
Architecture: source
Version: 2.0.4-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Changes:
 xml-security-c (2.0.4-1) unstable; urgency=medium
 .
   * [0d065ab] New upstream version: 2.0.4
Checksums-Sha1:
 ba6acc94c08a61b54f274f25cfc31c0854557962 2580 xml-security-c_2.0.4-1.dsc
 1cc3a29adb1bf5fa44feac44debd1b4f5a899710 676159 xml-security-c_2.0.4.orig.tar.bz2
 11397cc4bc781977f4e8970202a15251b8d8e378 833 xml-security-c_2.0.4.orig.tar.bz2.asc
 284d22a9980990389c3922426cdb13abc384553b 16912 xml-security-c_2.0.4-1.debian.tar.xz
 10f6f892c5fbc115b19314a7a37efcb9dd8a65c6 7779 xml-security-c_2.0.4-1_amd64.buildinfo
Checksums-Sha256:
 af2e096c3f1b33b7e22d6a2d9d8e46db5f61fae2812e1ce42ce15b04e3624b90 2580 xml-security-c_2.0.4-1.dsc
 c83ed1b7c0189cce27a49caa81986938e76807bf35597e6056259af30726beca 676159 xml-security-c_2.0.4.orig.tar.bz2
 1f4f4fa3bb71f22400a7b8477f2b5dd99733abe10ca9d00c361dc6333aafa665 833 xml-security-c_2.0.4.orig.tar.bz2.asc
 0f8fa3bc0e752649d32c49d84dacad1d5f877873f4dff943c394b4149477298b 16912 xml-security-c_2.0.4-1.debian.tar.xz
 59420b64dfcad3eed7f7ba69dd3ea466b3ad891bb3d67c197b0545eb4412f014 7779 xml-security-c_2.0.4-1_amd64.buildinfo
Files:
 7ce19290fa9cc939eae4a12b96a3817a 2580 libs optional xml-security-c_2.0.4-1.dsc
 53d202a6c8d082bd8291c727f4918db5 676159 libs optional xml-security-c_2.0.4.orig.tar.bz2
 a9345ec6d99ae31f66aa91acd00bc540 833 libs optional xml-security-c_2.0.4.orig.tar.bz2.asc
 ada975f5145f0911cc6e259b9b7f61ce 16912 libs optional xml-security-c_2.0.4-1.debian.tar.xz
 69fd49d38c5af801f08ded67c16a431f 7779 libs optional xml-security-c_2.0.4-1_amd64.buildinfo

Upstream version 2.0.4

xml-security-c Debian release 2.0.3-1

Format: 1.8
Date: Thu, 28 Oct 2021 22:21:25 +0200
Source: xml-security-c
Architecture: source
Version: 2.0.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Changes:
 xml-security-c (2.0.3-1) unstable; urgency=medium
 .
   * [d8541ef] New upstream version: 2.0.3
   * [04b7137] Remove Debian patches (everything went upstream)
   * [c6e8b1e] Upgrade Standards-Version to 4.6.0 (no changes required)
Checksums-Sha1:
 78eb64390fbc4100d2e7e574140b03e25907ddc6 2580 xml-security-c_2.0.3-1.dsc
 aaf5696c7825230e31626c811e513336600f98b9 676128 xml-security-c_2.0.3.orig.tar.bz2
 0e757e8b06fbf1faa489db98c1b1aa6c1f4f73a5 833 xml-security-c_2.0.3.orig.tar.bz2.asc
 36f113f3b8b37d06815f623d12c0cc9cfcae03a2 16904 xml-security-c_2.0.3-1.debian.tar.xz
 137cdff1e55b59b0f32c97fed38ff982683eb4f8 7771 xml-security-c_2.0.3-1_amd64.buildinfo
Checksums-Sha256:
 73c253e098af41818a00ae8e8014b26b3c9f4521ca11c5cbd712c6c365913342 2580 xml-security-c_2.0.3-1.dsc
 803029f129005a9b453aa45f0b3e44c28b8f2ec5eb526c20c74f93995cf6da69 676128 xml-security-c_2.0.3.orig.tar.bz2
 b6da2be263f0832489baa2ea49b4476bb51d2102a0656c0440f021e1a3202fbd 833 xml-security-c_2.0.3.orig.tar.bz2.asc
 f7b87b96e1bb7aa0399cf0c878fe9aeae0ad9886c98f7c42b8e427b55fd0c3bb 16904 xml-security-c_2.0.3-1.debian.tar.xz
 bb639b9b240a8208a5fbe02a76fb3e541e756b62e0df8d75bf58b3b6757d4098 7771 xml-security-c_2.0.3-1_amd64.buildinfo
Files:
 5c371cadaa7c577063b787a07457d34a 2580 libs optional xml-security-c_2.0.3-1.dsc
 8c1c7f86504efdf65744266e81a42780 676128 libs optional xml-security-c_2.0.3.orig.tar.bz2
 b48bc303871e0433fd98b0b2ddb9a775 833 libs optional xml-security-c_2.0.3.orig.tar.bz2.asc
 e973db4b3e7675c40ca94a609757a6ee 16904 libs optional xml-security-c_2.0.3-1.debian.tar.xz
 260ab82f1bbb01cdfd698e4b97369434 7771 libs optional xml-security-c_2.0.3-1_amd64.buildinfo

Upstream version 2.0.3

xml-security-c Debian release 2.0.2-4

Format: 1.8
Date: Sun, 27 Dec 2020 12:38:29 +0100
Source: xml-security-c
Architecture: source
Version: 2.0.2-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Closes: 977568
Changes:
 xml-security-c (2.0.2-4) unstable; urgency=medium
 .
   [ Ferenc Wágner ]
   * [8650c80] New patch: Update for Xalan 1.12.
     Thanks to Bill Blough (Closes: #977568)
   * [00a0870] Update Standards-Version to 4.5.1 (no changes required)
   * [5b6dd82] Enable rootless build
   * [cc4e8d1] Switch to Debhelper compat level 13
   * [4d59fb3] Bump watch file format version to 4
   * [bedf01a] Minimize the upstream public key
   * [6cded27] I don't plan to provide a symbols file
   * [278dbd4] Enroll to basic Salsa CI
 .
   [ Debian Janitor ]
   * [a6fa24a] Use secure URI in Homepage field.
     Fixes: lintian: homepage-field-uses-insecure-uri
Checksums-Sha1:
 0c6c511153b16d6ad0c6f2a840c244a4e9836960 2580 xml-security-c_2.0.2-4.dsc
 663d6760fcadff45e64993425331c70a5c597f1e 26528 xml-security-c_2.0.2-4.debian.tar.xz
 dc627f18c31688384249d2aa9963aeaf9164b190 7725 xml-security-c_2.0.2-4_amd64.buildinfo
Checksums-Sha256:
 d2fb7e4d4f754d8a81d847a701dddd709a00ccd899042973625a4262c6b54ad0 2580 xml-security-c_2.0.2-4.dsc
 0479ba1a807d69e3b4b71e086bf049681017f8e70f67e929da190e044c2857e1 26528 xml-security-c_2.0.2-4.debian.tar.xz
 da53bf1ffbb643e546388b2eacff4f0978bc16a031461ab98bad9659ae00f40b 7725 xml-security-c_2.0.2-4_amd64.buildinfo
Files:
 050e51f394e342f5d4eb1979edc3f266 2580 libs optional xml-security-c_2.0.2-4.dsc
 9824a8fd8c804856220c61f0e869df6c 26528 libs optional xml-security-c_2.0.2-4.debian.tar.xz
 ec12e6e87b6b8960d27741bda72c94b0 7725 libs optional xml-security-c_2.0.2-4_amd64.buildinfo

xml-security-c Debian release 1.7.3-4+deb9u3

Format: 1.8
Date: Sat, 04 Jul 2020 12:47:24 +0200
Source: xml-security-c
Binary: libxml-security-c17v5 libxml-security-c-dev xml-security-c-utils
Architecture: source
Version: 1.7.3-4+deb9u3
Distribution: stretch
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c17v5 - C++ library for XML Digital Signatures (runtime)
 xml-security-c-utils - C++ library for XML Digital Signatures (utilities)
Closes: 922984
Changes:
 xml-security-c (1.7.3-4+deb9u3) stretch; urgency=medium
 .
   * [02c3993] New patch: Fix a length bug in concat method.
     Thanks to Scott Cantor (Closes: #922984)
Checksums-Sha1:
 bdb1164a9fa1331ce637f779dd7cc1daa9f033e8 2336 xml-security-c_1.7.3-4+deb9u3.dsc
 4e6ea1c6d7697ca22fe6f77f457efa8b99211729 44896 xml-security-c_1.7.3-4+deb9u3.debian.tar.xz
 94c37f2c53764a12e5f9eb8b74a2362994b2fa59 8290 xml-security-c_1.7.3-4+deb9u3_amd64.buildinfo
Checksums-Sha256:
 10e57b421db82e352db8de16e69ea94b2edee499e6291496c23dbfbafe55db0a 2336 xml-security-c_1.7.3-4+deb9u3.dsc
 da5023bc8e81923b88c1263c88f8fc3235bf629b96af7f9500cf19ec63eeb1be 44896 xml-security-c_1.7.3-4+deb9u3.debian.tar.xz
 40b70bc02aa00eb7d3264fdfc633ec1bc2fdc3f85f2a94535b615958401fc796 8290 xml-security-c_1.7.3-4+deb9u3_amd64.buildinfo
Files:
 3aaf4262907855048e780d3e08ba35ad 2336 libs extra xml-security-c_1.7.3-4+deb9u3.dsc
 63c03054b15aa1b554c6d8219bf7d31d 44896 libs extra xml-security-c_1.7.3-4+deb9u3.debian.tar.xz
 0fc3675437b4da34d9b51859f9bf703c 8290 libs extra xml-security-c_1.7.3-4+deb9u3_amd64.buildinfo

xml-security-c Debian release 1.7.3-4+deb9u2

Format: 1.8
Date: Mon, 10 Dec 2018 11:45:41 +0100
Source: xml-security-c
Binary: libxml-security-c17v5 libxml-security-c-dev xml-security-c-utils
Architecture: source
Version: 1.7.3-4+deb9u2
Distribution: stretch
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c17v5 - C++ library for XML Digital Signatures (runtime)
 xml-security-c-utils - C++ library for XML Digital Signatures (utilities)
Closes: 913136
Changes:
 xml-security-c (1.7.3-4+deb9u2) stretch; urgency=medium
 .
   * [12dd825] New patches: DSA verification crashes OpenSSL on invalid
     combinations of key content.
     Particular KeyInfo combinations result in incomplete DSA key structures
     that OpenSSL can't handle without crashing.  In the case of Shibboleth
     SP software this manifests as a crash in the shibd daemon.  Exploitation
     is believed to be possible only in deployments employing the PKIX trust
     engine, which is generally recommended against.
     The upstream patches backported from 2.0.2 apply analogous safeguards to
     the RSA and ECDSA key handling as well.
     Upstream bug: https://issues.apache.org/jira/browse/SANTUARIO-496
     CVE: not assigned
     Thanks to Scott Cantor (Closes: #913136)
Checksums-Sha1:
 2c639df51781cdf4e80d85e4fa209d773924ec97 2336 xml-security-c_1.7.3-4+deb9u2.dsc
 6a3639388f0753a6609e9e73185f7c8f5b51123f 44616 xml-security-c_1.7.3-4+deb9u2.debian.tar.xz
 f46ec85984a85d3d566af9dee7c12299c5bbc8b8 8227 xml-security-c_1.7.3-4+deb9u2_amd64.buildinfo
Checksums-Sha256:
 16a9ef4bc97669f983a2a6a55b8c1ec72411626e8703679040ec9284744613a0 2336 xml-security-c_1.7.3-4+deb9u2.dsc
 32857112f5e7f9749942bb3dda48b95e0ebf2dd641eb9d722a05df91bd154db3 44616 xml-security-c_1.7.3-4+deb9u2.debian.tar.xz
 26b9c4e41efc2d2f750ee4659f9981f1e6219226d46d35b9e6d156e7307ac0f8 8227 xml-security-c_1.7.3-4+deb9u2_amd64.buildinfo
Files:
 a8a3f91717e40cc211f2d98238dfa741 2336 libs extra xml-security-c_1.7.3-4+deb9u2.dsc
 09f9989d01f25072fc9ae346c9229695 44616 libs extra xml-security-c_1.7.3-4+deb9u2.debian.tar.xz
 eb6d896be8ed30de26512aeca464e662 8227 libs extra xml-security-c_1.7.3-4+deb9u2_amd64.buildinfo

xml-security-c Debian release 2.0.2-3~bpo9+1

Format: 1.8
Date: Fri, 22 Mar 2019 15:35:08 +0100
Source: xml-security-c
Binary: libxml-security-c20 libxml-security-c-dev xml-security-c-utils
Architecture: source i386
Version: 2.0.2-3~bpo9+1
Distribution: stretch-backports
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Etienne Dysli Metref <etienne.dysli-metref@switch.ch>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c20 - C++ library for XML Digital Signatures (runtime)
 xml-security-c-utils - C++ library for XML Digital Signatures (utilities)
Changes:
 xml-security-c (2.0.2-3~bpo9+1) stretch-backports; urgency=medium
 .
   [ Etienne Dysli Metref ]
   * Rebuild for stretch-backports.
   * [98c4eff] Require Xerces-C 3.2
   * [830a69c] Remove dependency on Xalan when building for stretch.
     Building with Xalan was introduced for unstable. Keep building
     xml-security-c for stretch without it because Xalan in stretch depends
     on Xerces-C 3.1 and this conflicts with our use of 3.2.
     This reverts commits:
     - 494511e9 "We now use Xalan"
     - 10631007 "Enable XPath/XSLT support via Xalan"
 .
   [ Ferenc Wágner ]
   * [7b83ecf] Revert "Enable building with OpenSSL 1.1"
     This reverts commit 5df89ad57e4695c0a35f61aeb5c3ae33ddf07712.
     XMLTooling links against libcurl3, which links against OpenSSL 1.0, so
     we must use OpenSSL 1.0 exclusively throughout the stack.
   * [18460e2] New patch: Provide BN_bn2binpad() missing in OpenSSL 1.0
Checksums-Sha1:
 eda17657490c4c024f7e0d16f26a01676a15a9cc 2624 xml-security-c_2.0.2-3~bpo9+1.dsc
 48b3ddbb2f0d8d320117e85bc2cf5cd28687d72f 36076 xml-security-c_2.0.2-3~bpo9+1.debian.tar.xz
 8b4646134db034dc40e99de68e3906cf81d89f68 111992 libxml-security-c-dev_2.0.2-3~bpo9+1_i386.deb
 dca23e3f1ae85d4e5873504d4ab5aa2176f33756 3006946 libxml-security-c20-dbgsym_2.0.2-3~bpo9+1_i386.deb
 fe06bea97cad7c2f78d9e742057af1b387c82d5e 277086 libxml-security-c20_2.0.2-3~bpo9+1_i386.deb
 8e1a809f822199c29bb9589edb1672d34b228e12 784780 xml-security-c-utils-dbgsym_2.0.2-3~bpo9+1_i386.deb
 c4e5c03b48d99e3d99e99cda0be1cb006421ddd9 134302 xml-security-c-utils_2.0.2-3~bpo9+1_i386.deb
 12d7ebd92da4a0f354ad6c4e1261508d4848b949 8148 xml-security-c_2.0.2-3~bpo9+1_i386.buildinfo
Checksums-Sha256:
 5a4a6bb8b7241b5481c9cd6fd4f90d0201a235a2a85fb8d51f3e4d280d8690b1 2624 xml-security-c_2.0.2-3~bpo9+1.dsc
 ea6b163209e7498037bc8d684d50ebdb83072d9022567488ff54cac3db72dba0 36076 xml-security-c_2.0.2-3~bpo9+1.debian.tar.xz
 273f8a58b57739970f7fc732d02beea05f5bd8005fe3616ff15bc53dfb60ead0 111992 libxml-security-c-dev_2.0.2-3~bpo9+1_i386.deb
 b062538d5b79be792eb9ba378a5467b77eaf7df90d881b0ccf4b1fd610dc277d 3006946 libxml-security-c20-dbgsym_2.0.2-3~bpo9+1_i386.deb
 c0eb71b2288e4e31e9295aef0b54370d5bd58ade5171c3d3fba8b7bece5c36ea 277086 libxml-security-c20_2.0.2-3~bpo9+1_i386.deb
 155a37eb73288a8dbeeb74a1e8ad9d97ee87a3c29ed064af9021093284074d5a 784780 xml-security-c-utils-dbgsym_2.0.2-3~bpo9+1_i386.deb
 a0a871f33110f566f9945db57c98f4bec3e3705aa864dee80211f4bd84ac5cd1 134302 xml-security-c-utils_2.0.2-3~bpo9+1_i386.deb
 3803826635a69dce3b860a3e2d336ec59ccbdac82608fc196e1b26624634cdbe 8148 xml-security-c_2.0.2-3~bpo9+1_i386.buildinfo
Files:
 eeb82a6e671c9f1544aaa5d86de8706e 2624 libs optional xml-security-c_2.0.2-3~bpo9+1.dsc
 b3907ee1a425083f2297e230c47e4073 36076 libs optional xml-security-c_2.0.2-3~bpo9+1.debian.tar.xz
 3168c9413ed113bc761a05a1a334c5f4 111992 libdevel optional libxml-security-c-dev_2.0.2-3~bpo9+1_i386.deb
 fda7dd9ac8c8066fb7860921b131b302 3006946 debug optional libxml-security-c20-dbgsym_2.0.2-3~bpo9+1_i386.deb
 afecc60aa3bfdf737c8f80cae097507b 277086 libs optional libxml-security-c20_2.0.2-3~bpo9+1_i386.deb
 10bb3749048fbf44599d9c79183ac93a 784780 debug optional xml-security-c-utils-dbgsym_2.0.2-3~bpo9+1_i386.deb
 2ec956d19990fb32fcaf1bfe5ab5e918 134302 utils optional xml-security-c-utils_2.0.2-3~bpo9+1_i386.deb
 d013910f88ec9b79a9110eecfc811cb2 8148 libs optional xml-security-c_2.0.2-3~bpo9+1_i386.buildinfo

xml-security-c Debian release 2.0.2-3

Format: 1.8
Date: Mon, 26 Nov 2018 12:39:01 +0100
Source: xml-security-c
Binary: libxml-security-c20 libxml-security-c-dev xml-security-c-utils
Architecture: source
Version: 2.0.2-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c20 - C++ library for XML Digital Signatures (runtime)
 xml-security-c-utils - C++ library for XML Digital Signatures (utilities)
Changes:
 xml-security-c (2.0.2-3) unstable; urgency=medium
 .
   * [494511e] We now use Xalan
   * [c03764e] New patch: DSA: pad r and s to 20 bytes
Checksums-Sha1:
 11c19d9e4054a43f35b96cec788aafb9406f9788 2574 xml-security-c_2.0.2-3.dsc
 50dc3cb7ec6f452733c32a65c531dd6ef101a0e1 35524 xml-security-c_2.0.2-3.debian.tar.xz
 5da692e50256dfa10271d1e3ff46822597c8d6ef 8794 xml-security-c_2.0.2-3_amd64.buildinfo
Checksums-Sha256:
 1cceb74d5d82acd6f0e24696fad578c05542f878134e5b49903a052aa3c2afac 2574 xml-security-c_2.0.2-3.dsc
 f045e369d4fc8f271cad3eaf6f3bbc427308e3534ca7cc8244b51f4ea50d8454 35524 xml-security-c_2.0.2-3.debian.tar.xz
 afdb8c77757a947aa9343e64962487b6bfb542da983b3a5b8bfcc587048047de 8794 xml-security-c_2.0.2-3_amd64.buildinfo
Files:
 2499d2831acc0ef6a2b6eb907a79ac2e 2574 libs optional xml-security-c_2.0.2-3.dsc
 38a5b2c21e2e05fdd9a0b03fb7262582 35524 libs optional xml-security-c_2.0.2-3.debian.tar.xz
 af5312c52baae6637f9753a828d7f04c 8794 libs optional xml-security-c_2.0.2-3_amd64.buildinfo

xml-security-c Debian release 2.0.2-2

Format: 1.8
Date: Sat, 24 Nov 2018 01:32:20 +0100
Source: xml-security-c
Binary: libxml-security-c20 libxml-security-c-dev xml-security-c-utils
Architecture: source
Version: 2.0.2-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c20 - C++ library for XML Digital Signatures (runtime)
 xml-security-c-utils - C++ library for XML Digital Signatures (utilities)
Changes:
 xml-security-c (2.0.2-2) unstable; urgency=medium
 .
   * [1063100] Enable XPath/XSLT support via Xalan
   * [ce58199] Add build system patches for better FLAGS handling
   * Upload to unstable
Checksums-Sha1:
 2a9af184fd81a8cfe835b66e4b2ec1de6e47e257 2574 xml-security-c_2.0.2-2.dsc
 5f21eb291c4f045f55d770f04617334f2ac79bea 34720 xml-security-c_2.0.2-2.debian.tar.xz
 c429d82eb964be004461220779530d0d7a760fa2 8776 xml-security-c_2.0.2-2_amd64.buildinfo
Checksums-Sha256:
 2b9b66c3d633371fc9aa62cb87a3be9efdf15c874c919097abfbbe2f31e17c4a 2574 xml-security-c_2.0.2-2.dsc
 e893003150ca16261dcf408ffb3b8d842bfaf737ddb88ba98745d481bd8df9bf 34720 xml-security-c_2.0.2-2.debian.tar.xz
 a65626d91b84b44c31a4b6fb0145e4e0bc2b039a47a721dcc4e286e8bc7908ae 8776 xml-security-c_2.0.2-2_amd64.buildinfo
Files:
 3e1a24fff2825494df13fd528dd2c396 2574 libs optional xml-security-c_2.0.2-2.dsc
 46ec5858ee8c365442235bb9fd98d956 34720 libs optional xml-security-c_2.0.2-2.debian.tar.xz
 90463cbb8916487c6575630ecb725dcb 8776 libs optional xml-security-c_2.0.2-2_amd64.buildinfo

xml-security-c Debian release 2.0.2-1

Format: 1.8
Date: Mon, 05 Nov 2018 21:37:18 +0100
Source: xml-security-c
Binary: libxml-security-c20 libxml-security-c-dev xml-security-c-utils
Architecture: source
Version: 2.0.2-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c20 - C++ library for XML Digital Signatures (runtime)
 xml-security-c-utils - C++ library for XML Digital Signatures (utilities)
Changes:
 xml-security-c (2.0.2-1) experimental; urgency=medium
 .
   * [46a70ae] New upstream version: 2.0.2
   * [a8697a7] Update Standards-Version to 4.2.1 (no changes needed)
Checksums-Sha1:
 be4ca5a0d82be0eb5461cf1737d7dbdc8b6b9a6e 2558 xml-security-c_2.0.2-1.dsc
 f4f0aa184b5238ae8fa5602a1a36397117989fc0 659543 xml-security-c_2.0.2.orig.tar.bz2
 4c6260505dbc80d98c20ccc64fa9160fa608a179 833 xml-security-c_2.0.2.orig.tar.bz2.asc
 f45add1b0e5e8828abfb4adfb0c3af2ee441d47f 27284 xml-security-c_2.0.2-1.debian.tar.xz
 cf8618e23dd09457bafb6db96f6715d2857f107e 8651 xml-security-c_2.0.2-1_amd64.buildinfo
Checksums-Sha256:
 1b16bd476442fe4cb8096f4bd1195d4daf09ce22336a4c314c3dd60b8a3655b8 2558 xml-security-c_2.0.2-1.dsc
 39e963ab4da477b7bda058f06db37228664c68fe68902d86e334614dd06e046b 659543 xml-security-c_2.0.2.orig.tar.bz2
 7ddd50f6e0f475687b6da25f5e3d32fe07e25a2895baa7ee5a3e195a62ad9429 833 xml-security-c_2.0.2.orig.tar.bz2.asc
 132db8a2ad488a882e86da800f518983a33093a168c6df3fe6eea4b1869865dc 27284 xml-security-c_2.0.2-1.debian.tar.xz
 42e40c4f58983d5163445c4839f7476d5da79a2ff748b051201da3d2a55be32b 8651 xml-security-c_2.0.2-1_amd64.buildinfo
Files:
 bdc21e9a8db966405980f48bd38025ce 2558 libs optional xml-security-c_2.0.2-1.dsc
 3bdb34cd2f41f08e339132edd8eb7729 659543 libs optional xml-security-c_2.0.2.orig.tar.bz2
 7e91fcdde079f77bfb707400a46c7acc 833 libs optional xml-security-c_2.0.2.orig.tar.bz2.asc
 f6dd97f7076f8ff989f4bf93c55760fa 27284 libs optional xml-security-c_2.0.2-1.debian.tar.xz
 c958a9b3c7df01dbcd509853df8a823e 8651 libs optional xml-security-c_2.0.2-1_amd64.buildinfo

Upstream version 2.0.2

2.0.2

xml-security-c Debian release 1.7.2-3+deb8u1

Format: 1.8
Date: Sun,  5 Aug 2018 20:09:30 CEST
Source: xml-security-c
Binary: libxml-security-c17 libxml-security-c-dev xml-security-c-utils
Architecture: source i386
Version: 1.7.2-3+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c17 - C++ library for XML Digital Signatures (runtime)
 xml-security-c-utils - C++ library for XML Digital Signatures (utilities)
Closes: 905332
Changes:
 xml-security-c (1.7.2-3+deb8u1) jessie-security; urgency=high
 .
   * [109db8e] New patch: Default KeyInfo resolver doesn't check for empty
     element content.
     The Apache Santuario XML Security for C++ library contained a
     number of code paths at risk of dereferencing null pointers when
     processing various kinds of malformed KeyInfo hints typically found
     in signed or encrypted XML. The usual effect is a crash, and in the
     case of the Shibboleth SP software, a crash in the shibd daemon.
     Upstream bug:
       https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-491
     CVE: not assigned yet
     Thanks to Scott Cantor (Closes: #905332)
   * [4dafdb4] Replace Russ in Uploaders
Checksums-Sha256:
 06f1c4bf0ec2c611a877231f202d2006b49aa14c305e34bf8a943b501859fa83 2239 xml-security-c_1.7.2-3+deb8u1.dsc
 a4bf1c14c49a550f0e3a0485f406771f064ac9e7b29f637ff69ee6c4d883e78c 15664 xml-security-c_1.7.2-3+deb8u1.debian.tar.xz
 e25247b8410fe0d1fa103f6b77b5b13a48389c7642a6d1727cc5100964e03dcc 276534 libxml-security-c17_1.7.2-3+deb8u1_i386.deb
 9fbeba7fcfafe411a0597537f120ccdebb62fc7c9921bb3e9308b3315fb57182 111744 libxml-security-c-dev_1.7.2-3+deb8u1_i386.deb
 33d17490d2b77f057d52bf28c33fd093e6dfb14bf3caf6acba8d8e0d71715e0a 126956 xml-security-c-utils_1.7.2-3+deb8u1_i386.deb
 d576b07bb843eaebfde3be01301db40504ea8e8e477c0ad5f739b07022445452 875465 xml-security-c_1.7.2.orig.tar.gz
Checksums-Sha1:
 527b692d8fd65a1bfb3e6de6e6db7dc643ae01a4 2239 xml-security-c_1.7.2-3+deb8u1.dsc
 79a1bb81d1cd619143fbc0ed45a79d065dc0355e 15664 xml-security-c_1.7.2-3+deb8u1.debian.tar.xz
 1cf115f7edbee8f2c15f153d2a88777ff64410bb 276534 libxml-security-c17_1.7.2-3+deb8u1_i386.deb
 bba1bbe59aab021844834c72f4ba85cee972876a 111744 libxml-security-c-dev_1.7.2-3+deb8u1_i386.deb
 5a50935522a15f8664cb42576d7303deddab7f3c 126956 xml-security-c-utils_1.7.2-3+deb8u1_i386.deb
 fee59d5347ff0666802c8e5aa729e0304ee492bc 875465 xml-security-c_1.7.2.orig.tar.gz
Files:
 f8887d07e1202930ad752038fab9237a 2239 libs extra xml-security-c_1.7.2-3+deb8u1.dsc
 ffd538b1de61d52b11504cdc09406d21 15664 libs extra xml-security-c_1.7.2-3+deb8u1.debian.tar.xz
 2c3010a2c1e069e5815b31bc4fc05b08 276534 libs extra libxml-security-c17_1.7.2-3+deb8u1_i386.deb
 ca7441d20a5059f4eb83a570df38e397 111744 libdevel extra libxml-security-c-dev_1.7.2-3+deb8u1_i386.deb
 d6b0c075ab6fc5cac1c4960bc06a447c 126956 utils extra xml-security-c-utils_1.7.2-3+deb8u1_i386.deb
 2487e00569f6465f7070389e40a3d84f 875465 libs extra xml-security-c_1.7.2.orig.tar.gz

xml-security-c Debian release 1.7.3-4+deb9u1

Format: 1.8
Date: Fri,  3 Aug 2018 14:30:43 CEST
Source: xml-security-c
Binary: libxml-security-c17v5 libxml-security-c-dev xml-security-c-utils
Architecture: source
Version: 1.7.3-4+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Ferenc Wágner <wferi@debian.org>
Description:
 libxml-security-c-dev - C++ library for XML Digital Signatures (development)
 libxml-security-c17v5 - C++ library for XML Digital Signatures (runtime)
 xml-security-c-utils - C++ library for XML Digital Signatures (utilities)
Closes: 905332
Changes:
 xml-security-c (1.7.3-4+deb9u1) stretch-security; urgency=high
 .
   * [93b87c6] New patch: Default KeyInfo resolver doesn't check for empty
     element content.
     The Apache Santuario XML Security for C++ library contained a
     number of code paths at risk of dereferencing null pointers when
     processing various kinds of malformed KeyInfo hints typically found
     in signed or encrypted XML. The usual effect is a crash, and in the
     case of the Shibboleth SP software, a crash in the shibd daemon.
     Upstream bug:
       https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-491
     CVE: not assigned yet
     Thanks to Scott Cantor (Closes: #905332)
Checksums-Sha256:
 1b1228439b760703062e60a6daee033dacf293a95a5feba1a81c7c6d6c873ea4 2336 xml-security-c_1.7.3-4+deb9u1.dsc
 73879fa0f820ef06ae3663ff40232abdb9f8ed51a07ea43ab934bac7d9dfafc3 43404 xml-security-c_1.7.3-4+deb9u1.debian.tar.xz
 e5226e7319d44f6fd9147a13fb853f5c711b9e75bf60ec273a0ef8a190592583 909320 xml-security-c_1.7.3.orig.tar.gz
Checksums-Sha1:
 ce52525c4d6b986ab5ef5ddce7255c0d694b22f7 2336 xml-security-c_1.7.3-4+deb9u1.dsc
 4c20d812dcfdea3dc0c475dc627e66b1300a941f 43404 xml-security-c_1.7.3-4+deb9u1.debian.tar.xz
 bcbe98e0bd3695a0b961a223cce53e2f35c4681b 909320 xml-security-c_1.7.3.orig.tar.gz
Files:
 8ef958f00a785116827955dd242dbae2 2336 libs extra xml-security-c_1.7.3-4+deb9u1.dsc
 544a5a74d240da600efe85dc30efa9b2 43404 libs extra xml-security-c_1.7.3-4+deb9u1.debian.tar.xz
 481a0f29d1b6e898da79f80dbbf7b05b 909320 libs extra xml-security-c_1.7.3.orig.tar.gz