Publishing details

Published on 2015-10-22
Copied from debian sid in Primary Archive for Debian GNU/Linux

Changelog

wss4j (1.6.15-2) unstable; urgency=medium


  * Fixed security issues (Closes: #777741):
     - CVE-2015-0227: WSS4J is still vulnerable to Bleichenbacher's attack
       (incomplete fix for CVE-2011-2487)
     - CVE-2015-0226: WSS4J doesn't correctly enforce the
       requireSignedEncryptedDataElements property
  * Standards-Version updated to 3.9.6 (no changes)

 -- Emmanuel Bourg <email address hidden>  Thu, 12 Feb 2015 09:11:29 +0100

Available diffs

diff from 1.6.15-1 to 1.6.15-2 (2.9 KiB)

Builds

Built packages

libwss4j-java Apache WSS4J WS-Security implementation

Package files

libwss4j-java_1.6.15-2_all.deb (325.3 KiB)
wss4j_1.6.15-2.debian.tar.xz (9.3 KiB)
wss4j_1.6.15-2.dsc (2.1 KiB)
wss4j_1.6.15.orig.tar.xz (285.4 KiB)