Debian Package Tracker
Register | Log in
Subscribe

xml-security-c

Choose email to subscribe with

general
  • source: xml-security-c (main)
  • version: 3.0.0-2
  • maintainer: Debian Shib Team (archive) (DMD)
  • uploaders: Ferenc Wágner [DMD]
  • arch: any
  • std-ver: 4.7.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 2.0.2-3
  • oldstable: 2.0.2-4
  • stable: 2.0.4-2
  • testing: 3.0.0-2
  • unstable: 3.0.0-2
versioned links
  • 2.0.2-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.0.2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.0.4-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.0.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libxml-security-c-dev
  • libxml-security-c30
  • xml-security-c-utils
action needed
1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:
  • CVE-2024-34580: Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing (XMLDsig) specification without protection against an SSRF payload in a KeyInfo element. NOTE: the supplier disputes this CVE Record on the grounds that they are implementing the specification "correctly" and are not "at fault."
Created: 2024-06-28 Last update: 2024-06-28 20:13
debian/patches: 1 patch to forward upstream low

Among the 1 debian patch available in version 3.0.0-2 of the package, we noticed the following issues:

  • 1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2025-01-12 Last update: 2025-01-12 07:00
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.7.0).
Created: 2025-02-21 Last update: 2025-02-27 13:25
news
[rss feed]
  • [2025-01-14] xml-security-c 3.0.0-2 MIGRATED to testing (Debian testing watch)
  • [2025-01-11] Accepted xml-security-c 3.0.0-2 (source) into unstable (Ferenc Wágner)
  • [2024-12-15] Accepted xml-security-c 3.0.0-1 (source amd64) into experimental (Debian FTP Masters) (signed by: Ferenc Wágner)
  • [2023-01-19] xml-security-c 2.0.4-2 MIGRATED to testing (Debian testing watch)
  • [2023-01-10] Accepted xml-security-c 2.0.4-2 (source) into unstable (Ferenc Wágner)
  • [2021-11-10] xml-security-c 2.0.4-1 MIGRATED to testing (Debian testing watch)
  • [2021-11-07] Accepted xml-security-c 2.0.4-1 (source) into unstable (Ferenc Wágner)
  • [2021-10-31] xml-security-c 2.0.3-1 MIGRATED to testing (Debian testing watch)
  • [2021-10-28] Accepted xml-security-c 2.0.3-1 (source) into unstable (Ferenc Wágner)
  • [2020-12-30] xml-security-c 2.0.2-4 MIGRATED to testing (Debian testing watch)
  • [2020-12-27] Accepted xml-security-c 2.0.2-4 (source) into unstable (Ferenc Wágner)
  • [2020-07-09] Accepted xml-security-c 1.7.3-4+deb9u3 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Ferenc Wágner)
  • [2020-01-30] Accepted xml-security-c 1.7.3-4+deb9u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Ferenc Wágner)
  • [2019-04-08] Accepted xml-security-c 2.0.2-3~bpo9+1 (source i386) into stretch-backports->backports-policy, stretch-backports (Etienne Dysli Metref) (signed by: Ferenc Wágner)
  • [2018-11-28] xml-security-c 2.0.2-3 MIGRATED to testing (Debian testing watch)
  • [2018-11-26] Accepted xml-security-c 2.0.2-3 (source) into unstable (Ferenc Wágner)
  • [2018-11-24] Accepted xml-security-c 1.7.2-3+deb8u2 (source amd64) into oldstable (Thorsten Alteholz)
  • [2018-11-24] Accepted xml-security-c 2.0.2-2 (source) into unstable (Ferenc Wágner)
  • [2018-11-05] Accepted xml-security-c 2.0.2-1 (source) into experimental (Ferenc Wágner)
  • [2018-08-09] Accepted xml-security-c 1.7.3-4+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Ferenc Wágner)
  • [2018-08-06] Accepted xml-security-c 1.7.2-3+deb8u1 (source i386) into oldstable (Ferenc Wágner)
  • [2018-08-05] Accepted xml-security-c 1.7.3-4+deb9u1 (source) into stable->embargoed, stable (Ferenc Wágner)
  • [2018-08-03] Accepted xml-security-c 2.0.1-1 (source) into experimental (Ferenc Wágner)
  • [2018-07-31] Accepted xml-security-c 2.0.0-1 (source amd64) into experimental, experimental (Ferenc Wágner)
  • [2018-06-03] xml-security-c REMOVED from testing (Debian testing watch)
  • [2016-12-31] xml-security-c 1.7.3-4 MIGRATED to testing (Debian testing watch)
  • [2016-11-08] Accepted xml-security-c 1.7.3-4 (source) into unstable (Ferenc Wágner)
  • [2016-08-29] Accepted xml-security-c 1.7.3-3~bpo7+1 (source amd64) into wheezy-backports-sloppy, wheezy-backports-sloppy (Etienne Dysli Metref) (signed by: Ferenc Wágner)
  • [2016-08-25] Accepted xml-security-c 1.7.3-3~bpo8+1 (source amd64) into jessie-backports, jessie-backports (Etienne Dysli Metref) (signed by: Ferenc Wágner)
  • [2016-07-27] xml-security-c 1.7.3-3 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 0
links
  • homepage
  • lintian
  • buildd: logs, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 3.0.0-2
  • 1 bug

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing