Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
xmltooling.29630
xmltooling.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xmltooling.changes of Package xmltooling.29630
------------------------------------------------------------------- Wed Jun 21 11:02:49 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com> - Fix server-side request forgery (SSRF) vulnerability [bsc#1212359] [CVE-2023-36661] * bsc1212359.patch ------------------------------------------------------------------- Thu Mar 21 12:28:18 UTC 2019 - Kristýna Streitová <kstreitova@suse.com> - add xmltooling-1.5.6-CVE-2019-9628.patch to fix a security bug where XML parser class fails to trap exceptions on malformed XML declaration [bsc#1129537] [CVE-2019-9628] ------------------------------------------------------------------- Wed Feb 28 11:15:10 UTC 2018 - kstreitova@suse.com - add xmltooling-1.5.6-CVE-2018-0489.patch to fix a security bug when xmltooling 1.6.4 mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486. [bsc#1083247] [CVE-2018-0489] ------------------------------------------------------------------- Mon Jan 15 12:06:37 UTC 2018 - kstreitova@suse.com - add xmltooling-1.5.6-CVE-2018-0486.patch to fix a security bug when xmltooling mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD [bsc#1075975], [CVE-2018-0486] ------------------------------------------------------------------- Tue Sep 8 08:33:40 UTC 2015 - kstreitova@suse.com - sync Apache:Shibboleth packages with SLE12SP1 [bnc#944796] ------------------------------------------------------------------- Mon Sep 7 14:39:36 UTC 2015 - kstreitova@suse.com - update to xmltooling 1.5.6 * [CPPXT-105] - PKIX revocation checking calls OpenSSL's X509_verify_cert in an unsupported way (breaks with OpenSSL 1.0.1p/1.0.2d and later) ------------------------------------------------------------------- Wed Aug 5 18:04:11 UTC 2015 - mpluskal@suse.com - Add gpg signature ------------------------------------------------------------------- Thu Jul 30 09:40:32 UTC 2015 - kstreitova@suse.com - adjust Summary in the specfile - remove unused conditionals ------------------------------------------------------------------- Mon Jul 27 08:33:52 UTC 2015 - kstreitova@suse.com - use spec-cleaner - package cleaning - add xmltooling-1.5.5-doxygen_timestamp.patch to remove timestamps in a documentation generated by Doxygen and avoid RPMLINT warnings (file-contains-date-and-time). ------------------------------------------------------------------- Fri Jul 24 15:15:45 UTC 2015 - kstreitova@suse.com - initial revision
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor