libxml-security-java - Debian Package Tracker

general

source: libxml-security-java (main)
version: 2.1.7-2
maintainer: Debian Java Maintainers (archive) (DMD)
uploaders: Varun Hiremath [DMD] – Torsten Werner [DMD] – Emmanuel Bourg [DMD]
arch: all
std-ver: 4.6.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.5.8-2
o-o-sec: 1.5.8-2+deb9u1
oldstable: 2.0.10-2+deb10u1
old-sec: 2.0.10-2+deb10u1
stable: 2.0.10-2+deb11u1
stable-sec: 2.0.10-2+deb11u1
testing: 2.1.7-2
unstable: 2.1.7-2

versioned links

1.5.8-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.8-2+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.10-2+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.10-2+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.7-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libxml-security-java
libxml-security-java-doc

action needed

A new upstream version is available: 3.0.1 high

A new upstream version 3.0.1 is available, you should consider packaging it.

Created: 2021-09-24 Last update: 2022-12-07 00:03

lintian reports 30 errors and 2 warnings high

Lintian reports 30 errors and 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-10-13 Last update: 2022-07-30 12:15

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2019-12400: (needs triaging) In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-04 Last update: 2022-08-01 13:40

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).

Created: 2022-05-11 Last update: 2022-05-11 23:24

news

[rss feed]

[2021-11-20] libxml-security-java 2.1.7-2 MIGRATED to testing (Debian testing watch)
[2021-11-19] Accepted libxml-security-java 2.0.10-2+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Markus Koschany)
[2021-11-15] Accepted libxml-security-java 2.0.10-2+deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Markus Koschany)
[2021-11-15] Accepted libxml-security-java 2.0.10-2+deb10u1 (source) into oldstable->embargoed, oldstable (Debian FTP Masters) (signed by: Markus Koschany)
[2021-11-15] Accepted libxml-security-java 2.0.10-2+deb11u1 (source) into stable-security->embargoed, stable-security (Debian FTP Masters) (signed by: Markus Koschany)
[2021-11-14] Accepted libxml-security-java 2.1.7-2 (source) into unstable (Markus Koschany)
[2021-09-27] Accepted libxml-security-java 1.5.8-2+deb9u1 (source) into oldoldstable (Markus Koschany)
[2021-09-26] libxml-security-java 2.1.7-1 MIGRATED to testing (Debian testing watch)
[2021-09-23] Accepted libxml-security-java 2.1.7-1 (source) into unstable (Markus Koschany)
[2018-09-29] libxml-security-java 2.0.10-2 MIGRATED to testing (Debian testing watch)
[2018-09-24] Accepted libxml-security-java 2.0.10-2 (source) into unstable (Emmanuel Bourg)
[2018-07-30] libxml-security-java 2.0.10-1 MIGRATED to testing (Debian testing watch)
[2018-07-25] Accepted libxml-security-java 2.0.10-1 (source) into unstable (Emmanuel Bourg)
[2017-02-09] libxml-security-java 1.5.8-2 MIGRATED to testing (Debian testing watch)
[2017-02-06] Accepted libxml-security-java 1.5.8-2 (source) into unstable (Markus Koschany)
[2016-11-22] libxml-security-java 1.5.8-1 MIGRATED to testing (Debian testing watch)
[2016-11-16] Accepted libxml-security-java 1.5.8-1 (source all) into unstable (Emmanuel Bourg)
[2014-11-09] Accepted libxml-security-java 1.4.3-2+deb6u1 (source all) into squeeze-lts (Thorsten Alteholz)
[2014-11-07] Accepted libxml-security-java 1.4.5-1+deb7u1 (source all) into proposed-updates->stable-new, proposed-updates (Sebastien Delafond)
[2014-02-08] libxml-security-java 1.5.6-1 MIGRATED to testing (Debian testing watch)
[2014-02-02] Accepted libxml-security-java 1.5.6-1 (source all) (tony mancill)
[2014-02-01] libxml-security-java REMOVED from testing (Debian testing watch)
[2013-09-06] libxml-security-java 1.5.5-2 MIGRATED to testing (Debian testing watch)
[2013-08-26] Accepted libxml-security-java 1.5.5-2 (source all) (Emmanuel Bourg)
[2013-07-03] Accepted libxml-security-java 1.5.5-1 (source all) (Emmanuel Bourg)
[2013-04-28] Accepted libxml-security-java 1.5.4-1 (source all) (tony mancill)
[2011-09-11] libxml-security-java 1.4.5-1 MIGRATED to testing (Debian testing watch)
[2011-09-01] Accepted libxml-security-java 1.4.5-1 (source all) (Torsten Werner)
[2009-12-14] libxml-security-java 1.4.3-2 MIGRATED to testing (Debian testing watch)
[2009-12-03] Accepted libxml-security-java 1.4.3-2 (source all) (Niels Thykier) (signed by: Mehdi Dogguy)

bugs [bug history graph]

all: 0

links

homepage
lintian (30, 2)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.1.7-2