Linux repositories inspector

libxmltooling8 - C++ XML parsing library with encryption support (runtime)

The XMLTooling library contains generic XML parsing and processing classes based on the Xerces-C DOM. It adds more powerful facilities for declaring element- and type-specific API and implementation classes, as well as signing and encryption support.
This package contains the files necessary for running applications that use the XMLTooling library.
3.0.4
Debian iconDebian 10.0
Debian iconDebian 9.0
OpenSUSE iconOpenSUSE Tumbleweed
Ubuntu iconUbuntu 19.04
3.0.2
Ubuntu iconUbuntu 18.10
DistributionVersionSincePackageInstalledPackager
Debian iconDebian 10.0 buster/maindeb3.0.4-117.03.2019604 kiB4.28 MiB
Debian iconDebian 9.0 stretch-backports/maindeb3.0.4-1~bpo9+109.04.2019565 kiB4.13 MiB
OpenSUSE iconOpenSUSE Tumbleweed ossrpm3.0.4-1.124.03.2019532 kiB3.46 MiBhttps://bugs.opensuse.org
Ubuntu iconUbuntu 18.10 cosmic/universedeb3.0.2-1ubuntu114.01.2019593 kiB4.21 MiB
Ubuntu iconUbuntu 18.10 cosmic-security/universedeb3.0.2-1ubuntu1.126.03.2019590 kiB4.21 MiB
Ubuntu iconUbuntu 18.10 cosmic-updates/universedeb3.0.2-1ubuntu1.126.03.2019590 kiB4.21 MiB
Ubuntu iconUbuntu 19.04 disco/universedeb3.0.4-118.03.2019597 kiB4.23 MiB

Latest updates

Debian 9.0 icon

Debian 9.0 stretch-backports/main: Version 3.0.4-1~bpo9+1 introduced

09.04.2019 16:45
  • Rebuild for stretch-backports.
  • [89e1b1e] Require Xerces-C 3.2
  • [b93628c] Stay with OpenSSL 1.0.
    Since libcurl in stretch is built against OpenSSL 1.0, we have to use the same version.
    Revert "Enable building with OpenSSL 1.1"
    This reverts commit cb6df2ad67dccc66884bcd86ba8d9eebdac58813.
Ubuntu 18.10 icon

Ubuntu 18.10 cosmic-updates/universe: Version 3.0.2-1ubuntu1.1 introduced

26.03.2019 10:55
  • SECURITY UPDATE: uncaught exception on malformed XML declaration Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected exception type.
    This generally manifests as a crash in the calling code, which in the Service Provider software's case is usually the shibd daemon process, but can be Apache in some cases. Note that the crash occurs prior to evaluation of a message's authenticity, so can be exploited by an untrusted attacker.
Ubuntu 18.10 icon

Ubuntu 18.10 cosmic-security/universe: Version 3.0.2-1ubuntu1.1 introduced

26.03.2019 10:00
  • SECURITY UPDATE: uncaught exception on malformed XML declaration Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected exception type.
    This generally manifests as a crash in the calling code, which in the Service Provider software's case is usually the shibd daemon process, but can be Apache in some cases. Note that the crash occurs prior to evaluation of a message's authenticity, so can be exploited by an untrusted attacker.
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 3.0.3-1.2 to 3.0.4-1.1

24.03.2019 20:39
  • update to 3.0.4
    • [CPPXT-143] - Crash due to uncaught DOMException
      bsc#1129537 [CVE-2019-9628]
    • [CPPXT-144] - CURL SOAP Transport: unset Expect Header
Ubuntu 19.04 icon

Ubuntu 19.04 disco/universe: Updated from 3.0.3-1 to 3.0.4-1

18.03.2019 20:12
  • [f185b26] New upstream security release: 3.0.4
    DSA-4407-1, CVE-2019-9628: uncaught exception on malformed XML declaration.
    Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected exception type.
    This generally manifests as a crash in the calling code, which in the Service Provider software's case is usually the shibd daemon process, but can be Apache in some cases. Note that the crash occurs prior to evaluation of a message's authenticity, so can be exploited by an untrusted attacker.
    https://shibboleth.net/community/advisories/secadv_20190311.txt https://issues.shibboleth.net/jira/browse/CPPXT-143 Thanks to Scott Cantor (Closes: #924346)
Debian 10.0 icon

Debian 10.0 buster/main: Updated from 3.0.3-1 to 3.0.4-1

17.03.2019 04:57
  • [f185b26] New upstream security release: 3.0.4
    DSA-4407-1, CVE-2019-9628: uncaught exception on malformed XML declaration.
    Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected exception type.
    This generally manifests as a crash in the calling code, which in the Service Provider software's case is usually the shibd daemon process, but can be Apache in some cases. Note that the crash occurs prior to evaluation of a message's authenticity, so can be exploited by an untrusted attacker.
    https://shibboleth.net/community/advisories/secadv_20190311.txt https://issues.shibboleth.net/jira/browse/CPPXT-143 Thanks to Scott Cantor (Closes: #924346)
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 3.0.3-1.1 to 3.0.3-1.2

15.03.2019 14:48
  • update to 3.0.3
    • [CPPXT-136] - Likely issues with empty element content in KeyInfo handling code
    • [CPPXT-138] - xmltooling does not build with OpenSSL-1.1.1
    • [CPPXT-139] - DataSealer needs to catch both Santuario exception types
    • [CPPXT-137] - OpenSSL 1.1.1 work
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 3.0.2-1.2 to 3.0.3-1.1

15.02.2019 12:57
  • update to 3.0.3
    • [CPPXT-136] - Likely issues with empty element content in KeyInfo handling code
    • [CPPXT-138] - xmltooling does not build with OpenSSL-1.1.1
    • [CPPXT-139] - DataSealer needs to catch both Santuario exception types
    • [CPPXT-137] - OpenSSL 1.1.1 work
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Updated from 3.0.2-1.1 to 3.0.2-1.2

03.02.2019 10:23
  • update to 3.0.2
    • [CPPXT-135] - Lite half of library has unintentional zlib dependency
    • [CPPXT-134] - Reloadable configuration deleting backing file on a 304
    • [CPPXT-33] - Credential::getCredentialContext method misspelled
    • [CPPXT-81] - Use of LIBS in place of LDFLAGS in configure tests break custom builds
    • [CPPXT-111] - Build flags leak into pkg-config files
    • [CPPXT-114] - ExplicitKeyTrustEngine doesn't handle EC in the OpenSSL case
    • [CPPXT-116] - Apache 2.4 / Shibboleth Deadlock
    • [CPPXT-127] - DTD-defined entities can be added to XML without breaking signature
    • [CPPXT-133] - Eliminate uses of getTextContent in DOM helpers
    • [CPPXT-110] - OpenSSL 1.1 compatibility
    • [CPPXT-123] - Updates and next releases of Xerces and Santuario
    • [CPPXT-126] - TODO and cleanup tasks for V3
    • [CPPXT-118] - Address any deprecated CURL options
    • [CPPXT-120] - Set disallow-doctype property on DOMLSParser
    • [CPPXT-122] - Replace DateTime class with Xerces version
    • [CPPXT-125] - Consider making
      AbractPKIXTrustEngine::checkEntityNames virtual
    • [CPPXT-130] - auto_ptr cleanup
    • [CPPXT-132] - Slow down dependent on curl version
  • update soname for libxmltooling library from 7 to 8
  • require libxerces-c-devel >= 3.2 and libxml-security-c-devel >= 2.0.0
  • add Buildrequires: zlib-devel
  • remove upstream patches supporting building with openssl 1.1 that are no longer needed
    • 0023-CPPXT-110-OpenSSL-1.1-removes-BIO_s_file_internal.patch
    • 0011-CPPXT-110-Clean-up-some-collateral-damage-from-previ.patch
    • 0005-CPPXT-110-OpenSSL-1.1-removes-BIO_s_file_internal.patch
    • 0026-CPPXT-110-OpenSSL-1.1-library-names-have-changes.patch
    • 0027-Commit-a-xmltoolingtest.vcxproj.user.patch
    • 0010-CPPXT-110-Start-to-add-tests-to-exercise-XSEC-paths-.patch
    • 0003-CPPXT-110-OpenSSL-1.1-makes-DSA-opaque.patch
    • 0002-CPPXT-110-Add-new-OpenSSL-support-files-to-Unix-buil.patch
    • 0012-CPPXT-110-Add-test-path-for-RSA-loadXXXBigNums.patch
    • 0009-CPPXT-110-Start-to-add-tests-to-exercise-XSEC-paths-.patch
    • 0020-CPPXT-110-Add-new-OpenSSL-support-files-to-Unix-buil.patch
    • 0024-CPPXT-110-OpenSSL-1.1-internalizes-locking.patch
    • 0006-CPPXT-110-OpenSSL-1.1-internalizes-locking.patch
    • 0028-CPPXT-110-OpenSSL-1.1-OpenSSL1.1-changes-to-newly-in.patch
    • 0025-CPPXT-110-OpenSSL-1.1-Fix-some-signatures-and-names.patch
    • 0016-CPPXT-110-Round-trip-verify-test-for-OpenSSLCryptoKe.patch
    • 0021-CPPXT-110-OpenSSL-1.1-makes-DSA-opaque.patch
    • 0007-Unwind-previous.patch
    • 0013-CPPXT-110-Used-Named-curves-for-EC-testing.patch
    • 0030-CPPXT-110-OpenSSL-1.1-New-build-mechanisms.patch
    • 0031-Missed-file-for-OpenSSL1.1-support.patch
    • 0029-CPPXT-110-OpenSSL-1.1-Cleanup-tests.patch
    • 0022-CPPXT-110-OpenSSL-1.1-makes-EVP_PKEY-opaque.patch
    • 0017-CPPXT-110-Inverted-parameters-to-TSM_ASSERT-in-DSA-t.patch
    • 0008-CPPXT-110-Checkin-prototypical-vcxproj.user-file-for.patch
    • 0019-CPPXT-110-OpenSSL-1.1-makes-X509_STORE_CTX-and-X509_.patch
    • 0001-CPPXT-110-OpenSSL-1.1-makes-X509_STORE_CTX-and-X509_.patch
    • 0018-CPPXT-110-Test-for-OpenSSL-part-of-ExplicitKeyTrustE.patch
    • 0004-CPPXT-110-OpenSSL-1.1-makes-EVP_PKEY-opaque.patch
    • 0015-CPPXT-110-test-for-code-changes-to-OpenSSLCryptoKeyE.patch
    • 0014-CPPXT-110-test-for-code-changes-to-OpenSSLCryptoKeyD.patch
  • introduce libxmltooling-lite subpackage
OpenSUSE Tumbleweed icon

OpenSUSE Tumbleweed oss: Version 3.0.2-1.1 introduced

17.01.2019 17:03
  • update to 3.0.2
    • [CPPXT-135] - Lite half of library has unintentional zlib dependency
    • [CPPXT-134] - Reloadable configuration deleting backing file on a 304
    • [CPPXT-33] - Credential::getCredentialContext method misspelled
    • [CPPXT-81] - Use of LIBS in place of LDFLAGS in configure tests break custom builds
    • [CPPXT-111] - Build flags leak into pkg-config files
    • [CPPXT-114] - ExplicitKeyTrustEngine doesn't handle EC in the OpenSSL case
    • [CPPXT-116] - Apache 2.4 / Shibboleth Deadlock
    • [CPPXT-127] - DTD-defined entities can be added to XML without breaking signature
    • [CPPXT-133] - Eliminate uses of getTextContent in DOM helpers
    • [CPPXT-110] - OpenSSL 1.1 compatibility
    • [CPPXT-123] - Updates and next releases of Xerces and Santuario
    • [CPPXT-126] - TODO and cleanup tasks for V3
    • [CPPXT-118] - Address any deprecated CURL options
    • [CPPXT-120] - Set disallow-doctype property on DOMLSParser
    • [CPPXT-122] - Replace DateTime class with Xerces version
    • [CPPXT-125] - Consider making
      AbractPKIXTrustEngine::checkEntityNames virtual
    • [CPPXT-130] - auto_ptr cleanup
    • [CPPXT-132] - Slow down dependent on curl version
  • update soname for libxmltooling library from 7 to 8
  • require libxerces-c-devel >= 3.2 and libxml-security-c-devel >= 2.0.0
  • add Buildrequires: zlib-devel
  • remove upstream patches supporting building with openssl 1.1 that are no longer needed
    • 0023-CPPXT-110-OpenSSL-1.1-removes-BIO_s_file_internal.patch
    • 0011-CPPXT-110-Clean-up-some-collateral-damage-from-previ.patch
    • 0005-CPPXT-110-OpenSSL-1.1-removes-BIO_s_file_internal.patch
    • 0026-CPPXT-110-OpenSSL-1.1-library-names-have-changes.patch
    • 0027-Commit-a-xmltoolingtest.vcxproj.user.patch
    • 0010-CPPXT-110-Start-to-add-tests-to-exercise-XSEC-paths-.patch
    • 0003-CPPXT-110-OpenSSL-1.1-makes-DSA-opaque.patch
    • 0002-CPPXT-110-Add-new-OpenSSL-support-files-to-Unix-buil.patch
    • 0012-CPPXT-110-Add-test-path-for-RSA-loadXXXBigNums.patch
    • 0009-CPPXT-110-Start-to-add-tests-to-exercise-XSEC-paths-.patch
    • 0020-CPPXT-110-Add-new-OpenSSL-support-files-to-Unix-buil.patch
    • 0024-CPPXT-110-OpenSSL-1.1-internalizes-locking.patch
    • 0006-CPPXT-110-OpenSSL-1.1-internalizes-locking.patch
    • 0028-CPPXT-110-OpenSSL-1.1-OpenSSL1.1-changes-to-newly-in.patch
    • 0025-CPPXT-110-OpenSSL-1.1-Fix-some-signatures-and-names.patch
    • 0016-CPPXT-110-Round-trip-verify-test-for-OpenSSLCryptoKe.patch
    • 0021-CPPXT-110-OpenSSL-1.1-makes-DSA-opaque.patch
    • 0007-Unwind-previous.patch
    • 0013-CPPXT-110-Used-Named-curves-for-EC-testing.patch
    • 0030-CPPXT-110-OpenSSL-1.1-New-build-mechanisms.patch
    • 0031-Missed-file-for-OpenSSL1.1-support.patch
    • 0029-CPPXT-110-OpenSSL-1.1-Cleanup-tests.patch
    • 0022-CPPXT-110-OpenSSL-1.1-makes-EVP_PKEY-opaque.patch
    • 0017-CPPXT-110-Inverted-parameters-to-TSM_ASSERT-in-DSA-t.patch
    • 0008-CPPXT-110-Checkin-prototypical-vcxproj.user-file-for.patch
    • 0019-CPPXT-110-OpenSSL-1.1-makes-X509_STORE_CTX-and-X509_.patch
    • 0001-CPPXT-110-OpenSSL-1.1-makes-X509_STORE_CTX-and-X509_.patch
    • 0018-CPPXT-110-Test-for-OpenSSL-part-of-ExplicitKeyTrustE.patch
    • 0004-CPPXT-110-OpenSSL-1.1-makes-EVP_PKEY-opaque.patch
    • 0015-CPPXT-110-test-for-code-changes-to-OpenSSLCryptoKeyE.patch
    • 0014-CPPXT-110-test-for-code-changes-to-OpenSSLCryptoKeyD.patch
  • introduce libxmltooling-lite subpackage
Ubuntu 19.04 icon

Ubuntu 19.04 disco/universe: Version 3.0.3-1 introduced

14.01.2019 13:08
Ferenc Wágner
  • [d7405e9] New upstream release: 3.0.3
  • [58fafb7] Drop the patches, they are included in upstream 3.0.3
  • [97b5311] Update Standards-Version to 4.3.0 (no changes required).
Pino Toscano
  • [36d1972] Declare zlib1g-dev build dependency (Closes: #915820)
Ubuntu 18.10 icon

Ubuntu 18.10 cosmic/universe: Version 3.0.2-1ubuntu1 introduced

14.01.2019 03:12
  • debian/patches/openssl-1.1.1-compat.patch: Fix build failure with openssl 1.1.1.
Debian 10.0 icon

Debian 10.0 buster/main: Version 3.0.3-1 introduced

12.01.2019 14:15
Ferenc Wágner
  • [d7405e9] New upstream release: 3.0.3
  • [58fafb7] Drop the patches, they are included in upstream 3.0.3
  • [97b5311] Update Standards-Version to 4.3.0 (no changes required).
Pino Toscano
  • [36d1972] Declare zlib1g-dev build dependency (Closes: #915820)

Related packages

libxmltooling8-debuginfo - Debug information for package libxmltooling8
⇧ Top