[xmlsec] New xmlsec 1.2.24 release
Aleksey Sanin
aleksey at aleksey.com
Thu Apr 20 07:28:02 PDT 2017
The XML Security Library 1.2.24 release includes the following changes:
* Added ECDSA-SHA1, ECDSA-SHA256, ECDSA-SHA512 support
for xmlsec-nss (vmiklos).
* Fixed XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS
handling (vmiklos).
* Disabled external entities loading by xmlsec utility app by
default to prevent XXE attacks (d-hat).
* Improved OpenSSL version and features detection.
* Cleaned up, simplified, and standardized internal error
reporting.
* Fixed a few Coverity-discovered bugs.
* Marked as deprecated all the functions in xmlsec/soap.h file
and a couple other functions no longer required by xmlsec.
These functions will be removed in the future releases.
* Several other small fixes (see commit log for more details).
Please note that OpenSSL 0.9.8 support will be removed in the next
release of XMLSec library.
You can find the new release in the usual place:
http://www.aleksey.com/xmlsec/download.html
Thanks to everyone who contributed patches and filed bugs!
Best,
Aleksey Sanin
More information about the xmlsec
mailing list