-
libxml-security-java (2.0.10-2~18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: XPath Transform
- debian/patches/CVE-2021-40690.patch: Apache Santuario - XML Security for
Java is vulnerable to an issue where the "secureValidation" property is
not passed correctly when creating a KeyInfo from a KeyInfoReference
element. This allows an attacker to abuse an XPath Transform to extract
any local .xml files in a RetrievalMethod element.
- CVE-2021-40690
-- Fabian Toepfer <email address hidden> Wed, 13 Jul 2022 13:56:56 +0200
-
libxml-security-java (2.0.10-2~18.04) bionic; urgency=medium
* Backport for OpenJDK 11. LP: #1814133.
libxml-security-java (2.0.10-2) unstable; urgency=medium
* Team upload.
[ Jochen Sprickerhof ]
* Add patch for old API used by libitext5-java (Closes: #906375)
[ Emmanuel Bourg ]
* Standards-Version updated to 4.2.1
libxml-security-java (2.0.10-1) unstable; urgency=medium
* Team upload.
* New upstream release
- New build dependency on libmaven-jaxb2-plugin-java
- New dependency on libwoodstox-java
* Build with Java 8 compatibility
* Standards-Version updated to 4.1.5
* Switch to debhelper level 11
* Use salsa.debian.org Vcs-* URLs
* Use a secure URL in debian/watch and debian/orig-tar.sh
-- Matthias Klose <email address hidden> Tue, 26 Feb 2019 17:44:38 +0100
-
libxml-security-java (1.5.8-2) unstable; urgency=medium
* Team upload.
* maven.properties: Skip the tests to prevent build failure on amd64.
(Closes: #852930)
* libxml-security-java: Improve the short description. (Closes: #756642)
-- Markus Koschany <email address hidden> Mon, 06 Feb 2017 12:47:14 +0100