Package: xml-security-c / 1.7.3-4+deb9u2

Metadata

Package Version Patches format
xml-security-c 1.7.3-4+deb9u2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
Add xsec prefix to utilities.patch | (download)

xsec/Makefile.am | 32 16 + 16 - 0 !
1 file changed, 16 insertions(+), 16 deletions(-)

 add xsec prefix to utilities

Many of the utilities that come with the package have very
generic names.  Add xsec- to the beginning of all of the binary
names to avoid colliding with other packages or claiming too
generic of a namespace.

Avoid forward incompatibility warnings from Automake.patch | (download)

configure.ac | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 avoid forward-incompatibility warnings from automake


Fix GCC6 FTBFS.patch | (download)

xsec/tools/checksig/InteropResolver.cpp | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix gcc6 ftbfs


Fix GCC5 warnings.patch | (download)

xsec/enc/OpenSSL/OpenSSLCryptoSymmetricKey.hpp | 2 1 + 1 - 0 !
xsec/enc/XSECCryptoSymmetricKey.hpp | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

 fix gcc5 warnings


Fix indentation 1.patch | (download)

xsec/canon/XSECC14n20010315.cpp | 6 3 + 3 - 0 !
xsec/dsig/DSIGReference.cpp | 8 4 + 4 - 0 !
xsec/dsig/DSIGSignature.cpp | 6 3 + 3 - 0 !
xsec/dsig/DSIGTransformXSL.cpp | 6 3 + 3 - 0 !
4 files changed, 13 insertions(+), 13 deletions(-)

 fix indentation 1


Remove unused variable 1.patch | (download)

xsec/dsig/DSIGAlgorithmHandlerDefault.cpp | 3 1 + 2 - 0 !
1 file changed, 1 insertion(+), 2 deletions(-)

 remove unused variable 1


loadX509PEM fix potential reading past unterminated .patch | (download)

xsec/enc/XSECCryptoX509.cpp | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 loadx509pem: fix potential reading past unterminated buffer


Remove superfluous extern keyword.patch | (download)

xsec/enc/XSECCryptoException.cpp | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 remove superfluous extern keyword


TXFMOutputFile close output file only if it s open.patch | (download)

xsec/transformers/TXFMOutputFile.cpp | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 txfmoutputfile: close output file only if it's open


Use the z length modifier for printing size_t.patch | (download)

xsec/utils/unixutils/XSECSOAPRequestorSimpleUnix.cpp | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 use the z length modifier for printing size_t


Remove unused dereferences.patch | (download)

xsec/utils/XSECDOMUtils.cpp | 28 14 + 14 - 0 !
1 file changed, 14 insertions(+), 14 deletions(-)

 remove unused dereferences


Don t compute unused variables.patch | (download)

xsec/utils/XSECNameSpaceExpander.cpp | 7 0 + 7 - 0 !
1 file changed, 7 deletions(-)

 don't compute unused variables


Fix indentation 2.patch | (download)

xsec/xkms/impl/XKMSRegisterResultImpl.cpp | 8 4 + 4 - 0 !
1 file changed, 4 insertions(+), 4 deletions(-)

 fix indentation 2


Fix indentation 3.patch | (download)

xsec/enc/OpenSSL/OpenSSLCryptoKeyEC.cpp | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 fix indentation 3


Remove unused variable 2.patch | (download)

xsec/tools/xtest/xtest.cpp | 21 0 + 21 - 0 !
1 file changed, 21 deletions(-)

 remove unused variable 2


Fix indentation 4.patch | (download)

xsec/tools/c14n/c14n.cpp | 18 9 + 9 - 0 !
1 file changed, 9 insertions(+), 9 deletions(-)

 fix indentation 4


Remove unused variable 3.patch | (download)

xsec/tools/xklient/xklient.cpp | 3 0 + 3 - 0 !
1 file changed, 3 deletions(-)

 remove unused variable 3


Fix indentation 5.patch | (download)

xsec/xkms/impl/XKMSRecoverResultImpl.cpp | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 fix indentation 5


Avoid GCC warning suggesting parentheses.patch | (download)

xsec/utils/XSECDOMUtils.cpp | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 avoid gcc warning suggesting parentheses


Fix typo occured occurred.patch | (download)

xsec/dsig/DSIGAlgorithmHandlerDefault.cpp | 6 3 + 3 - 0 !
xsec/framework/XSECError.cpp | 10 5 + 5 - 0 !
xsec/samples/simpleHMAC.cpp | 2 1 + 1 - 0 !
xsec/samples/simpleValidate.cpp | 4 2 + 2 - 0 !
xsec/tools/c14n/c14n.cpp | 4 2 + 2 - 0 !
xsec/tools/checksig/checksig.cpp | 10 5 + 5 - 0 !
xsec/tools/cipher/cipher.cpp | 8 4 + 4 - 0 !
xsec/tools/siginf/siginf.cpp | 8 4 + 4 - 0 !
xsec/tools/templatesign/templatesign.cpp | 8 4 + 4 - 0 !
xsec/tools/txfmout/txfmout.cpp | 6 3 + 3 - 0 !
xsec/tools/xklient/xklient.cpp | 10 5 + 5 - 0 !
xsec/tools/xtest/xtest.cpp | 46 23 + 23 - 0 !
xsec/transformers/TXFMParser.cpp | 2 1 + 1 - 0 !
xsec/transformers/TXFMXSL.cpp | 2 1 + 1 - 0 !
xsec/xenc/impl/XENCCipherImpl.cpp | 2 1 + 1 - 0 !
15 files changed, 64 insertions(+), 64 deletions(-)

 fix typo: occured -> occurred


Use pkg config for Xerces OpenSSL and NSS and provid.patch | (download)

Makefile.am | 2 2 + 0 - 0 !
configure.ac | 149 33 + 116 - 0 !
m4/ax_pkg_check_modules.m4 | 69 69 + 0 - 0 !
xml-security-c.pc.in | 12 12 + 0 - 0 !
4 files changed, 116 insertions(+), 116 deletions(-)

 use pkg-config for xerces, openssl and nss,
 and provide a pkg-config file

We use only the crypto part of OpenSSL

We do not use pthreads threadtest.cpp is Windows onl.patch | (download)

configure.ac | 7 0 + 7 - 0 !
m4/ax_pthread.m4 | 309 0 + 309 - 0 !
2 files changed, 316 deletions(-)

 we do not use pthreads, threadtest.cpp is windows-only


Only add found packages to the pkg config dependenci.patch | (download)

m4/ax_pkg_check_modules.m4 | 8 4 + 4 - 0 !
1 file changed, 4 insertions(+), 4 deletions(-)

 only add found packages to the pkg-config dependencies


Default KeyInfo resolver doesn t check for empty element .patch | (download)

xsec/dsig/DSIGKeyInfoValue.hpp | 8 4 + 4 - 0 !
xsec/enc/XSECKeyInfoResolverDefault.cpp | 108 65 + 43 - 0 !
2 files changed, 69 insertions(+), 47 deletions(-)

 default keyinfo resolver doesn't check for empty element content

The Apache Santuario XML Security for C++ library contained a
number of code paths at risk of dereferencing null pointers when
processing various kinds of malformed KeyInfo hints typically found
in signed or encrypted XML. The usual effect is a crash, and in the
case of the Shibboleth SP software, a crash in the shibd daemon.

This is a combination of two upstream commits with some unrelated
whitespace changes removed.  Quite much of it is still indentation
change because of the added conditionals.  Best viewed with tabstop=4,
for example with 'LESS=Rx4 git show --ignore-space-changes'.

Thanks: Scott Cantor
Upstream bug:
  https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-491
CVE: not assigned yet
Closes: #905332

SANTUARIO 496 DSA verification crashes OpenSSL on invalid.patch | (download)

xsec/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp | 12 12 + 0 - 0 !
xsec/enc/OpenSSL/OpenSSLCryptoKeyEC.cpp | 12 12 + 0 - 0 !
xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp | 12 12 + 0 - 0 !
3 files changed, 36 insertions(+)

 santuario-496 - dsa verification crashes openssl on invalid
 combinations of key content

Backport of
git-svn-id: https://svn.apache.org/repos/asf/santuario/xml-security-cpp/trunk@1843562 13f79535-47bb-0310-9956-ffa450edef68

SANTUARIO 496 Prevent KeyInfoResolver returning NONE keys.patch | (download)

xsec/enc/XSECKeyInfoResolverDefault.cpp | 24 17 + 7 - 0 !
1 file changed, 17 insertions(+), 7 deletions(-)

 santuario-496 - prevent keyinforesolver returning none keys.

git-svn-id: https://svn.apache.org/repos/asf/santuario/xml-security-cpp/trunk@1843566 13f79535-47bb-0310-9956-ffa450edef68