Package: xmltooling | Debian Sources

Package: xmltooling / 1.6.0-4+deb9u1~bpo8+1

Metadata

Package	Version	Patches format
xmltooling	1.6.0-4+deb9u1~bpo8+1	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
Disable forcing of libtool silent.patch \| (download)	configure.ac \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	disable forcing of libtool --silent Debian build log analysis wants verbose logs.
Use pkg config for log4shib log4cpp.patch \| (download)	configure.ac \| 53 4 + 49 - 0 ! xmltooling/Makefile.am \| 4 4 + 0 - 0 ! 2 files changed, 8 insertions(+), 49 deletions(-)	use pkg-config for log4shib/log4cpp
Fail configuration if dlopen is not found.patch \| (download)	configure.ac \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	fail configuration if dlopen() is not found
Discover xerces xmlsec openssl and curl via pkg conf.patch \| (download)	configure.ac \| 171 29 + 142 - 0 ! m4/ax_restore_flags.m4 \| 52 52 + 0 - 0 ! m4/ax_save_flags.m4 \| 71 71 + 0 - 0 ! xmltooling/Makefile.am \| 12 6 + 6 - 0 ! xmltoolingtest/Makefile.am \| 3 2 + 1 - 0 ! 5 files changed, 160 insertions(+), 149 deletions(-)	discover xerces, xmlsec, openssl and curl via pkg-config
Propagate requirements into our pkg config file.patch \| (download)	Makefile.am \| 6 0 + 6 - 0 ! configure.ac \| 12 5 + 7 - 0 ! m4/ax_create_pkgconfig_info.m4 \| 349 0 + 349 - 0 ! m4/ax_pkg_check_modules.m4 \| 69 69 + 0 - 0 ! xmltooling.pc.in \| 13 13 + 0 - 0 ! 5 files changed, 87 insertions(+), 362 deletions(-)	propagate requirements into our pkg-config file
Make pkgconfigdir configurable.patch \| (download)	Makefile.am \| 1 0 + 1 - 0 ! configure.ac \| 1 1 + 0 - 0 ! 2 files changed, 1 insertion(+), 1 deletion(-)	make pkgconfigdir configurable
Print result of CURLINFO_TLS_SSL_PTR test.patch \| (download)	configure.ac \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	print result of curlinfo_tls_ssl_ptr test
Make pkgxmldir configurable.patch \| (download)	configure.ac \| 6 6 + 0 - 0 ! schemas/Makefile.am \| 2 0 + 2 - 0 ! xmltooling.pc.in \| 2 2 + 0 - 0 ! 3 files changed, 8 insertions(+), 2 deletions(-)	make pkgxmldir configurable
Finish separating flags use _LIBADD.patch \| (download)	configure.ac \| 12 8 + 4 - 0 ! xmltooling.pc.in \| 4 2 + 2 - 0 ! xmltooling/Makefile.am \| 14 8 + 6 - 0 ! 3 files changed, 18 insertions(+), 12 deletions(-)	finish separating flags, use _libadd
Add more forgotten test result prints.patch \| (download)	configure.ac \| 8 5 + 3 - 0 ! 1 file changed, 5 insertions(+), 3 deletions(-)	add more forgotten test result prints
Remove .pl extension of cxxtestgen.patch \| (download)	configure.ac \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	remove .pl extension of cxxtestgen
Don t install the test program but link correctly an.patch \| (download)	xmltoolingtest/Makefile.am \| 17 8 + 9 - 0 ! 1 file changed, 8 insertions(+), 9 deletions(-)	don't install the test program, but link correctly and run it
Test BUILD_UNITTEST in the main Makefile only.patch \| (download)	Makefile.am \| 6 5 + 1 - 0 ! xmltoolingtest/Makefile.am \| 6 0 + 6 - 0 ! 2 files changed, 5 insertions(+), 7 deletions(-)	test build_unittest in the main makefile only
The .cpp dependencies are well known no need to decl.patch \| (download)	xmltoolingtest/Makefile.am \| 1 0 + 1 - 0 ! 1 file changed, 1 deletion(-)	the .cpp dependencies are well known, no need to declare them
Refactor test source generation.patch \| (download)	xmltoolingtest/Makefile.am \| 56 25 + 31 - 0 ! 1 file changed, 25 insertions(+), 31 deletions(-)	refactor test source generation
Factor out the Xerces library dependence.patch \| (download)	xmltoolingtest/Makefile.am \| 5 3 + 2 - 0 ! 1 file changed, 3 insertions(+), 2 deletions(-)	factor out the xerces library dependence
Two more tests don t build without xmlsec.patch \| (download)	xmltoolingtest/Makefile.am \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	two more tests don't build without xmlsec
Only add found packages to the pkg config dependenci.patch \| (download)	m4/ax_pkg_check_modules.m4 \| 8 4 + 4 - 0 ! 1 file changed, 4 insertions(+), 4 deletions(-)	only add found packages to the pkg-config dependencies
Add separate pkg config file for xmltooling lite.patch \| (download)	Makefile.am \| 2 1 + 1 - 0 ! configure.ac \| 22 12 + 10 - 0 ! xmltooling-lite.pc.in \| 13 13 + 0 - 0 ! xmltooling.pc.in \| 4 2 + 2 - 0 ! 4 files changed, 28 insertions(+), 13 deletions(-)	add separate pkg-config file for xmltooling-lite
Enable skipping tests which require network access.patch \| (download)	xmltoolingtest/SecurityHelperTest.h \| 9 9 + 0 - 0 ! 1 file changed, 9 insertions(+)	enable skipping tests which require network access
Enable the dot feature of Doxygen.patch \| (download)	configure.ac \| 1 1 + 0 - 0 ! 1 file changed, 1 insertion(+)	enable the dot feature of doxygen
Get new pthread checks from the Autoconf Archive.patch \| (download)	configure.ac \| 2 1 + 1 - 0 ! m4/acx_pthread.m4 \| 283 0 + 283 - 0 ! m4/ax_pthread.m4 \| 485 485 + 0 - 0 ! 3 files changed, 486 insertions(+), 284 deletions(-)	get new pthread checks from the autoconf archive GCC wants -pthread, not -lpthread as returned by the old ACX_PTHREAD.
security/CVE 2018 0486 Block entity reference nodes during unmarsh.patch \| (download)	xmltooling/io/AbstractXMLObjectUnmarshaller.cpp \| 2 2 + 0 - 0 ! 1 file changed, 2 insertions(+)	cve-2018-0486 - block entity reference nodes during unmarshalling. https://issues.shibboleth.net/jira/browse/CPPXT-127
security/Add disallowDoctype to parser configuration.patch \| (download)	xmltooling/util/ParserPool.cpp \| 1 1 + 0 - 0 ! 1 file changed, 1 insertion(+)	add disallowdoctype to parser configuration.
security/CVE 2018 0489 Fix additional data forgery flaws.patch \| (download)	xmltooling/AbstractComplexElement.cpp \| 16 15 + 1 - 0 ! xmltooling/AbstractSimpleElement.cpp \| 22 14 + 8 - 0 ! xmltooling/io/AbstractXMLObjectUnmarshaller.cpp \| 5 3 + 2 - 0 ! xmltooling/util/ParserPool.cpp \| 2 2 + 0 - 0 ! 4 files changed, 34 insertions(+), 11 deletions(-)	cve-2018-0489 - fix additional data forgery flaws These flaws allow for changes to an XML document that do not break a digital signature but alter the user data passed through to applications enabling impersonation attacks and exposure of protected information. https://shibboleth.net/community/advisories/secadv_20180227.txt https://issues.shibboleth.net/jira/browse/CPPXT-128

Patch	File delta	Description
Disable forcing of libtool silent.patch \| (download)	configure.ac \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	disable forcing of libtool --silent Debian build log analysis wants verbose logs.
Use pkg config for log4shib log4cpp.patch \| (download)	configure.ac \| 53 4 + 49 - 0 ! xmltooling/Makefile.am \| 4 4 + 0 - 0 ! 2 files changed, 8 insertions(+), 49 deletions(-)	use pkg-config for log4shib/log4cpp
Fail configuration if dlopen is not found.patch \| (download)	configure.ac \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	fail configuration if dlopen() is not found
Discover xerces xmlsec openssl and curl via pkg conf.patch \| (download)	configure.ac \| 171 29 + 142 - 0 ! m4/ax_restore_flags.m4 \| 52 52 + 0 - 0 ! m4/ax_save_flags.m4 \| 71 71 + 0 - 0 ! xmltooling/Makefile.am \| 12 6 + 6 - 0 ! xmltoolingtest/Makefile.am \| 3 2 + 1 - 0 ! 5 files changed, 160 insertions(+), 149 deletions(-)	discover xerces, xmlsec, openssl and curl via pkg-config
Propagate requirements into our pkg config file.patch \| (download)	Makefile.am \| 6 0 + 6 - 0 ! configure.ac \| 12 5 + 7 - 0 ! m4/ax_create_pkgconfig_info.m4 \| 349 0 + 349 - 0 ! m4/ax_pkg_check_modules.m4 \| 69 69 + 0 - 0 ! xmltooling.pc.in \| 13 13 + 0 - 0 ! 5 files changed, 87 insertions(+), 362 deletions(-)	propagate requirements into our pkg-config file
Make pkgconfigdir configurable.patch \| (download)	Makefile.am \| 1 0 + 1 - 0 ! configure.ac \| 1 1 + 0 - 0 ! 2 files changed, 1 insertion(+), 1 deletion(-)	make pkgconfigdir configurable
Print result of CURLINFO_TLS_SSL_PTR test.patch \| (download)	configure.ac \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	print result of curlinfo_tls_ssl_ptr test
Make pkgxmldir configurable.patch \| (download)	configure.ac \| 6 6 + 0 - 0 ! schemas/Makefile.am \| 2 0 + 2 - 0 ! xmltooling.pc.in \| 2 2 + 0 - 0 ! 3 files changed, 8 insertions(+), 2 deletions(-)	make pkgxmldir configurable
Finish separating flags use _LIBADD.patch \| (download)	configure.ac \| 12 8 + 4 - 0 ! xmltooling.pc.in \| 4 2 + 2 - 0 ! xmltooling/Makefile.am \| 14 8 + 6 - 0 ! 3 files changed, 18 insertions(+), 12 deletions(-)	finish separating flags, use _libadd
Add more forgotten test result prints.patch \| (download)	configure.ac \| 8 5 + 3 - 0 ! 1 file changed, 5 insertions(+), 3 deletions(-)	add more forgotten test result prints
Remove .pl extension of cxxtestgen.patch \| (download)	configure.ac \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	remove .pl extension of cxxtestgen
Don t install the test program but link correctly an.patch \| (download)	xmltoolingtest/Makefile.am \| 17 8 + 9 - 0 ! 1 file changed, 8 insertions(+), 9 deletions(-)	don't install the test program, but link correctly and run it
Test BUILD_UNITTEST in the main Makefile only.patch \| (download)	Makefile.am \| 6 5 + 1 - 0 ! xmltoolingtest/Makefile.am \| 6 0 + 6 - 0 ! 2 files changed, 5 insertions(+), 7 deletions(-)	test build_unittest in the main makefile only
The .cpp dependencies are well known no need to decl.patch \| (download)	xmltoolingtest/Makefile.am \| 1 0 + 1 - 0 ! 1 file changed, 1 deletion(-)	the .cpp dependencies are well known, no need to declare them
Refactor test source generation.patch \| (download)	xmltoolingtest/Makefile.am \| 56 25 + 31 - 0 ! 1 file changed, 25 insertions(+), 31 deletions(-)	refactor test source generation
Factor out the Xerces library dependence.patch \| (download)	xmltoolingtest/Makefile.am \| 5 3 + 2 - 0 ! 1 file changed, 3 insertions(+), 2 deletions(-)	factor out the xerces library dependence
Two more tests don t build without xmlsec.patch \| (download)	xmltoolingtest/Makefile.am \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	two more tests don't build without xmlsec
Only add found packages to the pkg config dependenci.patch \| (download)	m4/ax_pkg_check_modules.m4 \| 8 4 + 4 - 0 ! 1 file changed, 4 insertions(+), 4 deletions(-)	only add found packages to the pkg-config dependencies
Add separate pkg config file for xmltooling lite.patch \| (download)	Makefile.am \| 2 1 + 1 - 0 ! configure.ac \| 22 12 + 10 - 0 ! xmltooling-lite.pc.in \| 13 13 + 0 - 0 ! xmltooling.pc.in \| 4 2 + 2 - 0 ! 4 files changed, 28 insertions(+), 13 deletions(-)	add separate pkg-config file for xmltooling-lite
Enable skipping tests which require network access.patch \| (download)	xmltoolingtest/SecurityHelperTest.h \| 9 9 + 0 - 0 ! 1 file changed, 9 insertions(+)	enable skipping tests which require network access
Enable the dot feature of Doxygen.patch \| (download)	configure.ac \| 1 1 + 0 - 0 ! 1 file changed, 1 insertion(+)	enable the dot feature of doxygen
Get new pthread checks from the Autoconf Archive.patch \| (download)	configure.ac \| 2 1 + 1 - 0 ! m4/acx_pthread.m4 \| 283 0 + 283 - 0 ! m4/ax_pthread.m4 \| 485 485 + 0 - 0 ! 3 files changed, 486 insertions(+), 284 deletions(-)	get new pthread checks from the autoconf archive GCC wants -pthread, not -lpthread as returned by the old ACX_PTHREAD.
security/CVE 2018 0486 Block entity reference nodes during unmarsh.patch \| (download)	xmltooling/io/AbstractXMLObjectUnmarshaller.cpp \| 2 2 + 0 - 0 ! 1 file changed, 2 insertions(+)	cve-2018-0486 - block entity reference nodes during unmarshalling. https://issues.shibboleth.net/jira/browse/CPPXT-127
security/Add disallowDoctype to parser configuration.patch \| (download)	xmltooling/util/ParserPool.cpp \| 1 1 + 0 - 0 ! 1 file changed, 1 insertion(+)	add disallowdoctype to parser configuration.
security/CVE 2018 0489 Fix additional data forgery flaws.patch \| (download)	xmltooling/AbstractComplexElement.cpp \| 16 15 + 1 - 0 ! xmltooling/AbstractSimpleElement.cpp \| 22 14 + 8 - 0 ! xmltooling/io/AbstractXMLObjectUnmarshaller.cpp \| 5 3 + 2 - 0 ! xmltooling/util/ParserPool.cpp \| 2 2 + 0 - 0 ! 4 files changed, 34 insertions(+), 11 deletions(-)	cve-2018-0489 - fix additional data forgery flaws These flaws allow for changes to an XML document that do not break a digital signature but alter the user data passed through to applications enabling impersonation attacks and exposure of protected information. https://shibboleth.net/community/advisories/secadv_20180227.txt https://issues.shibboleth.net/jira/browse/CPPXT-128