Apache Santuario

Skip to end of metadata
Go to start of metadata

Apache XML Security for Java 1.4.3 release notes

  • XML signature HMAC truncation authentication bypass. See Issue 47526.
  • checkstyle problems with source and tests. See Issue 47525.
  • ECDSA signature value interopability patch. See Issue 42239.
  • XPath transform and xml-stylesheet. See Issue 45744.
  • The </#document node> inserted at the end of SOAPEnvelope. See Issue 42986.
  • Unnecessary namespace declarations on EncryptedData children. See Issue 47029.
  • Can't validate after invalid validation. See Issue 44335.
  • Improve Java unit testing. See Issue 47260.
  • Some website updates. See Issue 47265.
  • We need a POM file added to the Maven repository. See Issue 45388.
  • Remove JDK 1.5 API dependencies. See Issue 47483.
  • Downgrade signature verification logging from "info". See Issue 47057.
  • Method to disable XMLUtils.addReturnToElement (reopened): changed Base64 code to ignore line breaks, if enabled. See Issue 42061.
  • Reusing XMLSignature for signing and verifying fails on same thread. See Issue 47097.
  • Failed to add more than one child element to EncryptionMethod. See Issue 46732.
  • org.apache.xml.security.utils.IdResolver is not thread safe. See Issue 46101.
  • verify with own canonicalization method. See Issue 45961.
  • XMLSignature::getKeyInfo method modifies document. See Issue 45475.
  • Fix XMLSec 1.4.2 problems reported by findbugs. See Issue 45811.
  • Transform.register class loading and recursive instantiation problems. See Issue 45706.
  • Some calls should be wrapped in AccessController.doPrivileged. See Issue 45664.
  • Restore XMLUtils.createDSctx method. See Issue 45634.
  • log4j.properties in xmlsec sources and builds has side effects in production environment. See Issue 45095.
  • No labels

0 Comments