Accepted xmltooling 1.3.1-1 (source i386 all)

To: debian-devel-changes@lists.debian.org
Subject: Accepted xmltooling 1.3.1-1 (source i386 all)
From: Russ Allbery <rra@debian.org>
Date: Mon, 16 Nov 2009 22:09:19 +0000
Message-id: <[🔎] E1NA9l9-0008FY-OR@ries.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 06 Nov 2009 11:30:41 -0800
Source: xmltooling
Binary: libxmltooling4 libxmltooling-dev xmltooling-schemas libxmltooling-doc
Architecture: source i386 all
Version: 1.3.1-1
Distribution: unstable
Urgency: high
Maintainer: Debian Shib Team <pkg-shibboleth-devel@lists.alioth.debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description: 
 libxmltooling-dev - C++ XML parsing library with encryption support (development)
 libxmltooling-doc - C++ XML parsing library with encryption support (API docs)
 libxmltooling4 - C++ XML parsing library with encryption support (runtime)
 xmltooling-schemas - XML schemas for XMLTooling
Changes: 
 xmltooling (1.3.1-1) unstable; urgency=high
 .
   * Urgency set to high for security fix.
   * New upstream release.
     - SECURITY: Partial fix for improper handling of URLs that could be
       abused for script injection and other cross-site scripting attacks.
       The complete fix also requires newer opensaml2 and shibboleth-sp2
       packages.  (CVE-2009-3300)
     - Add setter for KeyInfoResolver object.
     - Fix extraction of cert info for UTF-8 handling changes.
     - Fix passing of TransportOption configuration to cURL.
     - Fix instability in reusing a DOM after signing it.
     - Remove xmlns:xml namespace declaration when marshalling and
       unmarshalling to avoid canonicalization bugs.
   * Rename library package for upstream SONAME bump.
   * Build-depend on libxml-security-c-dev 1.5 or later and make
     libxmltooling-dev depend on libxml-security-c-dev 1.5 or later to
     ensure that all builds are consistent.  Although this package will
     build with 1.4, the other packages built on xmltooling require 1.5.
Checksums-Sha1: 
 f9874e1d9e565a1afea977c23793737d6e1f0c35 1443 xmltooling_1.3.1-1.dsc
 5ed15af1fde9fcce25b6c30f4760fed691f72b0c 580340 xmltooling_1.3.1.orig.tar.gz
 5259cb337f6af9e00d79c6b3f1fe18348d1ce668 6888 xmltooling_1.3.1-1.diff.gz
 c23cd2693e9128c8bab802205b3012f2c5166566 754050 libxmltooling4_1.3.1-1_i386.deb
 362b092a098d3a283eebd4a1b440b3655f7e4932 75620 libxmltooling-dev_1.3.1-1_i386.deb
 b426e08485c574d29683e00f860fdbf903856768 12760 xmltooling-schemas_1.3.1-1_all.deb
 78c26dff1cc139e30d6b5cfa02520c2abfcc9ea8 1144948 libxmltooling-doc_1.3.1-1_all.deb
Checksums-Sha256: 
 990b4a27ef49688ad2a70ec73d12963896947621c8f4b011ea6682afc3bc0498 1443 xmltooling_1.3.1-1.dsc
 be6a77a750ee629e3d85e8ffd60c66acfc5db31ee2c413aa804b9b661141b47f 580340 xmltooling_1.3.1.orig.tar.gz
 1c89b41661a52436588743599ea10bea9c0e083a998f28fac9422029ff587084 6888 xmltooling_1.3.1-1.diff.gz
 5727c99b8c6d12dfdfc01779d648f10bc4e56298c0a959600fa0da1d13800fda 754050 libxmltooling4_1.3.1-1_i386.deb
 60e1a5f11bf2132339c8d2d97e11e7881e01e7ca0517f94f1560220bf463fc65 75620 libxmltooling-dev_1.3.1-1_i386.deb
 c9cad065d7f0ad794b6f869579143b6d6b703eded6fa3e4ed24bb7b23938df04 12760 xmltooling-schemas_1.3.1-1_all.deb
 e9ac4b2ac6826536a333f2a75be0d82c241366f2ba08f60d5ae66e3c8b1b5b15 1144948 libxmltooling-doc_1.3.1-1_all.deb
Files: 
 6f52c0d9fdad84428b98247f5ff65171 1443 libs extra xmltooling_1.3.1-1.dsc
 bde914f9c5742c9e01ec06a091423553 580340 libs extra xmltooling_1.3.1.orig.tar.gz
 4651cadfb136c87e29c4e4c7a4457774 6888 libs extra xmltooling_1.3.1-1.diff.gz
 bb64fe8ff5687d68acecfce6f8788fa6 754050 libs extra libxmltooling4_1.3.1-1_i386.deb
 603c420d4d8be49975053c36c8d4b2b7 75620 libdevel extra libxmltooling-dev_1.3.1-1_i386.deb
 c4fa74807b0cc82de5656680e3601606 12760 text extra xmltooling-schemas_1.3.1-1_all.deb
 a31f275590cc94805c2cbf368baf0af6 1144948 doc extra libxmltooling-doc_1.3.1-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkr0fOYACgkQ+YXjQAr8dHYARwCgy6WyOUHsIq3ewZp9qSe9PyoP
T38AnRi90W+cFyGeku28Y1kia7oHfhF0
=/UAo
-----END PGP SIGNATURE-----


Accepted:
libxmltooling-dev_1.3.1-1_i386.deb
  to main/x/xmltooling/libxmltooling-dev_1.3.1-1_i386.deb
libxmltooling-doc_1.3.1-1_all.deb
  to main/x/xmltooling/libxmltooling-doc_1.3.1-1_all.deb
libxmltooling4_1.3.1-1_i386.deb
  to main/x/xmltooling/libxmltooling4_1.3.1-1_i386.deb
xmltooling-schemas_1.3.1-1_all.deb
  to main/x/xmltooling/xmltooling-schemas_1.3.1-1_all.deb
xmltooling_1.3.1-1.diff.gz
  to main/x/xmltooling/xmltooling_1.3.1-1.diff.gz
xmltooling_1.3.1-1.dsc
  to main/x/xmltooling/xmltooling_1.3.1-1.dsc
xmltooling_1.3.1.orig.tar.gz
  to main/x/xmltooling/xmltooling_1.3.1.orig.tar.gz

Reply to:

Prev by Date: Accepted xfce4 4.6.1.3 (source all)
Next by Date: Accepted bsdgames 2.17-17 (source amd64)
Previous by thread: Accepted xfce4 4.6.1.3 (source all)
Next by thread: Accepted bsdgames 2.17-17 (source amd64)
Index(es):
- Date
- Thread