Skip to content

Releases: lsh123/xmlsec

XMLSec 1.3.7 (rc1)

30 Jan 18:06
@lsh123 lsh123
1.3.7-rc1
c788979
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.3.7 (rc1) Pre-release
Pre-release

The XML Security Library 1.3.7 release includes the following changes:

  • (xmlsec-core) Added XMLSEC_TRANSFORM_FLAGS_USER_SPECIFIED flag to the xmlSecTransform to differentiate transforms specified in the input XML file vs transforms automatically added by XMLSec library.
  • (xmlsec-core) Added signature result verification to the examples to demonstrate the need to ensure the correct data is actually signed.
  • (xmlsec-core) Disabled old crypto algorithms (MD5, RIPEMD160) and the old crypto engines (MSCrypto, GCrypt) by default (use "--with-legacy-features" option to reenable everything).
  • (xmlsec-openssl) Fixed excess padding in ECDSA signature generation.
  • (xmlsec-nss) Fixed certificates search in NSS DB.
  • (xmlsec-openssl, xmlsec-gnutls, xmlsec-mscng) Added an option to skip timestamp checks for certificates and CLRs.
  • (xmlsec-windows) Disabled old crypto algorithms (MD5, RIPEMD160), made "mscng" the default crypto engine on Windows, and added support for "legacy-features" flag for "configure.js".
  • Several other small fixes (see more details).

Please test the release candidate (signature) and let me know if you see any issues!

Assets 5
Loading
0 Join discussion

XMLSec 1.3.6

22 Oct 13:30
@lsh123 lsh123
1.3.6
cff6a7f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.3.6 Latest
Latest

The XML Security Library 1.3.6 release includes the following changes:

  • (xmlsec-openssl) Fixed build if OpenSSL 3.0 doesn't have engines support enabled.
  • (xmlsec-mscng, xmlsec-mscrypto) Added support for multiple trusted certs with the same subject.
  • (windows) Disabled iconv support by default (use 'iconv=yes' option for 'configure.js' to re-enable it).
  • Several other small fixes (see more details).

Thanks for bug reports!

Aleksey

Assets 5
Loading
5 Join discussion

XMLSec 1.3.6 (rc1)

07 Oct 19:11
@lsh123 lsh123
1.3.6-rc1
abdda70
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.3.6 (rc1) Pre-release
Pre-release

The XML Security Library 1.3.6 release includes the following changes:

  • (xmlsec-openssl) Fixed build if OpenSSL 3.0 doesn't have engines support enabled.
  • (xmlsec-mscng, xmlsec-mscrypto) Added support for multiple trusted certs with the same subject.
  • (windows) Disabled iconv support by default (use 'iconv=yes' option for 'configure.js' to re-enable it).
  • Several other small fixes (see more details).

Please test the release candidate (signature) and let me know if you see any issues!

Assets 4
Loading
2 Join discussion

XMLSec 1.3.5

18 Jul 20:08
@lsh123 lsh123
1.3.5
d76b77b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.3.5

The XML Security Library 1.3.5 release includes the following changes:

  • (xmlsec-mscng, xmlsec-mscrypto) Improved certificates verification.
  • (xmlsec-gnutls) Added support for self-signed certificates.
  • (xmlsec-core) Fix deprecated functions in LibXML2 2.13.1 including disabling HTTP support by default (use ''--enable-http' option to re-enable it).
  • Several other small fixes (see more details).

All users of xmlsec-mscng and xmlsec-mscrypto are urged to upgrade to this version.

Thanks for bug reports and PRs!

Aleksey

Assets 5
Loading
0 Join discussion

XMLSec 1.2.41 (legacy)

18 Jul 19:52
@lsh123 lsh123
1.2.41
fa0590e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.2.41 (legacy)

The legacy XML Security Library 1.2.40 release includes the following changes:

  • (xmlsec-mscng,xmlsec-mscrypto) Improved certificates verification.
  • (xmlsec-gnutls) Added support for self-signed certificates.
  • Several other small fixes (more details).

All users of legacy 1.2.x versions of xmlsec-mscng and xmlsec-mscrypto are urged to upgrade to this version.

Thanks for bug reports!
Aleksey

Assets 4
Loading
0 Join discussion

XMLSec 1.2.40 (legacy)

11 Jul 22:11
@lsh123 lsh123
1.2.40
be6111f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.2.40 (legacy)

The legacy XML Security Library 1.2.40 release includes the following changes:

  • (xmlsec-core) Fixed functions deprecated in LibXML2 2.13.1 (including disabling HTTP support by default).
  • (xmlsec-nss) Increased keys size in all tests to support NSS 3.101.
  • (windows) Added "ftp" and "http" flags in 'configure.js' (both are disabled by default).
  • Several other small fixes (more details).
Assets 4
Loading
0 Join discussion

XMLSec 1.3.4

09 Apr 14:57
@lsh123 lsh123
1.3.4
8e1f115
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.3.4

The XML Security Library 1.3.4 release includes the following changes:

  • (xmlsec-openssl) Support cert dates before unix epoch start.
  • (xmlsec-openssl) Fix build for LibreSSL or BoringSSL.
  • (xmlsec-nss) Ensure NSS algorithms are initialized.
  • Several other small fixes (see more details).

Thanks for bug reports and PRs!

Aleksey

Assets 5
Loading
0 Join discussion

XMLSec 1.3.4-rc1

27 Mar 17:28
@lsh123 lsh123
1.3.4-rc1
8e1f115
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.3.4-rc1 Pre-release
Pre-release

The XML Security Library 1.3.4 release includes the following changes:

  • (xmlsec-openssl) Support cert dates before unix epoch start.
  • (xmlsec-openssl) Fix build for LibreSSL or BoringSSL.
  • (xmlsec-nss) Ensure NSS algorithms are initialized.
  • Several other small fixes (see more details).

Please test the release candidate (signature) and let me know if you see any issues!

Assets 4
Loading
2 Join discussion

XMLSec 1.3.3

04 Jan 16:26
@lsh123 lsh123
1.3.3
3265f3b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.3.3

The XML Security Library 1.3.3 release includes the following changes:

  • (xmlsec-core) Disabled KeyValue and DEREncodedKeyValue XML nodes by default. Use the '--enabled-key-data' option for the xmlsec command line utility or update the 'keyInfoCtx->enabledKeyData' parameter if you need to re-enable these nodes (also see question 3.5 in the FAQ).
  • (xmlsec-core) Removed '--enable-size-t' ('size_t' for MSVC builds) option and made 'xmlSecSize' to always be the same as 'size_t'.
  • (xmlsec-core) Removed previously deprecated functions, defines, etc.
  • (xmlsec-core) Fixed build for libxml2 v2.12.0.
  • (xmlsec-openssl) Removed support for OpenSSL 1.1.0 (end of life in Aug 2016). The minimum OpenSSL supported version is 1.1.1; the version 3.0.0 or greater is recommended.
  • (xmlsec-nss) Added runtime check for the enabled algorithms in NSS.
  • (xmlsec-mscrypto) Removed NT4 support.
  • Several other small fixes (see more details).

Thanks for bug reports and PRs!

Aleksey

Assets 5
Loading
4 Join discussion

XMLSec 1.3.3-rc1

22 Dec 15:41
@lsh123 lsh123
1.3.3-rc1
46c01ed
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
XMLSec 1.3.3-rc1 Pre-release
Pre-release

The XML Security Library 1.3.3 release includes the following changes:

  • (xmlsec-core) Disabled KeyValue and DEREncodedKeyValue XML nodes by default. Use the '--enabled-key-data' option for the xmlsec command line utility or update the 'keyInfoCtx->enabledKeyData' parameter if you need to re-enable these nodes (also see question 3.5 in the FAQ).
  • (xmlsec-core) Removed '--enable-size-t' ('size_t' for MSVC builds) option and made 'xmlSecSize' to always be the same as 'size_t'.
  • (xmlsec-core) Removed previously deprecated functions, defines, etc.
  • (xmlsec-core) Fixed build for libxml2 v2.12.0.
  • (xmlsec-openssl) Removed support for OpenSSL 1.1.0 (end of life in Aug 2016). The minimum OpenSSL supported version is 1.1.1; the version 3.0.0 or greater is recommended.
  • (xmlsec-nss) Added runtime check for the enabled algorithms in NSS.
  • (xmlsec-mscrypto) Removed NT4 support.
  • Several other small fixes (see more details).

Please test the release candidate (signature) and let me know if you see any issues!

Assets 4
Loading
2 Join discussion