This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The StAX-based (streaming) functionality is only available as of the 2.0.0 release. Please see the Streaming XML Security page for more information about how to use this approach.

News

...

August 2019

Version 2.1.5.6 4 of the Apache XML Security for Java library has been released.

This release contains a fix for a security advisory - CVE-2019-12400: Apache Santuario potentially loads XML parsing code from an untrusted source. Please see the release notes security advisories page for more information.

This release fixes a new security advisory CVE-2013-4517.

June 2013

Security advisory CVE-2013-2172 has been issued for Please see the release notes for more information.

March 2019

Version 2.1.3 of the Apache XML Security for Java project. Versions 1.4.8 and 1.5.5 have been released, fixing this issue.library has been released.

Please see the release notes for more information.

June 2018

Version 2.1.2 of the Apache XML Security for Java library has been released.

Please see the release notes for more information.

Old News

See here for older news.