Register | Log in

xml-security-c

Choose email to subscribe with

general

source: xml-security-c (main)
version: 3.0.0-2
maintainer: Debian Shib Team (archive) (DMD)
uploaders: Ferenc Wágner [DMD]
arch: any
std-ver: 4.7.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.0.2-3
oldstable: 2.0.2-4
stable: 2.0.4-2
testing: 3.0.0-2
unstable: 3.0.0-2

versioned links

2.0.2-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.4-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libxml-security-c-dev
libxml-security-c30
xml-security-c-utils

action needed

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2024-34580: Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing (XMLDsig) specification without protection against an SSRF payload in a KeyInfo element. NOTE: the supplier disputes this CVE Record on the grounds that they are implementing the specification "correctly" and are not "at fault."

Created: 2024-06-28 Last update: 2024-06-28 20:13

debian/patches: 1 patch to forward upstream low

Among the 1 debian patch available in version 3.0.0-2 of the package, we noticed the following issues:

1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2025-01-12 Last update: 2025-01-12 07:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.7.0).

Created: 2025-02-21 Last update: 2025-02-27 13:25

news

[2025-01-14] xml-security-c 3.0.0-2 MIGRATED to testing (Debian testing watch)
[2025-01-11] Accepted xml-security-c 3.0.0-2 (source) into unstable (Ferenc Wágner)
[2024-12-15] Accepted xml-security-c 3.0.0-1 (source amd64) into experimental (Debian FTP Masters) (signed by: Ferenc Wágner)
[2023-01-19] xml-security-c 2.0.4-2 MIGRATED to testing (Debian testing watch)
[2023-01-10] Accepted xml-security-c 2.0.4-2 (source) into unstable (Ferenc Wágner)
[2021-11-10] xml-security-c 2.0.4-1 MIGRATED to testing (Debian testing watch)
[2021-11-07] Accepted xml-security-c 2.0.4-1 (source) into unstable (Ferenc Wágner)
[2021-10-31] xml-security-c 2.0.3-1 MIGRATED to testing (Debian testing watch)
[2021-10-28] Accepted xml-security-c 2.0.3-1 (source) into unstable (Ferenc Wágner)
[2020-12-30] xml-security-c 2.0.2-4 MIGRATED to testing (Debian testing watch)
[2020-12-27] Accepted xml-security-c 2.0.2-4 (source) into unstable (Ferenc Wágner)
[2020-07-09] Accepted xml-security-c 1.7.3-4+deb9u3 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Ferenc Wágner)
[2020-01-30] Accepted xml-security-c 1.7.3-4+deb9u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Ferenc Wágner)
[2019-04-08] Accepted xml-security-c 2.0.2-3~bpo9+1 (source i386) into stretch-backports->backports-policy, stretch-backports (Etienne Dysli Metref) (signed by: Ferenc Wágner)
[2018-11-28] xml-security-c 2.0.2-3 MIGRATED to testing (Debian testing watch)
[2018-11-26] Accepted xml-security-c 2.0.2-3 (source) into unstable (Ferenc Wágner)
[2018-11-24] Accepted xml-security-c 1.7.2-3+deb8u2 (source amd64) into oldstable (Thorsten Alteholz)
[2018-11-24] Accepted xml-security-c 2.0.2-2 (source) into unstable (Ferenc Wágner)
[2018-11-05] Accepted xml-security-c 2.0.2-1 (source) into experimental (Ferenc Wágner)
[2018-08-09] Accepted xml-security-c 1.7.3-4+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Ferenc Wágner)
[2018-08-06] Accepted xml-security-c 1.7.2-3+deb8u1 (source i386) into oldstable (Ferenc Wágner)
[2018-08-05] Accepted xml-security-c 1.7.3-4+deb9u1 (source) into stable->embargoed, stable (Ferenc Wágner)
[2018-08-03] Accepted xml-security-c 2.0.1-1 (source) into experimental (Ferenc Wágner)
[2018-07-31] Accepted xml-security-c 2.0.0-1 (source amd64) into experimental, experimental (Ferenc Wágner)
[2018-06-03] xml-security-c REMOVED from testing (Debian testing watch)
[2016-12-31] xml-security-c 1.7.3-4 MIGRATED to testing (Debian testing watch)
[2016-11-08] Accepted xml-security-c 1.7.3-4 (source) into unstable (Ferenc Wágner)
[2016-08-29] Accepted xml-security-c 1.7.3-3~bpo7+1 (source amd64) into wheezy-backports-sloppy, wheezy-backports-sloppy (Etienne Dysli Metref) (signed by: Ferenc Wágner)
[2016-08-25] Accepted xml-security-c 1.7.3-3~bpo8+1 (source amd64) into jessie-backports, jessie-backports (Etienne Dysli Metref) (signed by: Ferenc Wágner)
[2016-07-27] xml-security-c 1.7.3-3 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.0.0-2
1 bug

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing