** Bug
* [CPPXT-105] - PKIX revocation checking calls OpenSSL's X509_verify_cert
in an unsupported way (breaks with OpenSSL 1.0.1p/1.0.2d and later)
Release Notes - XMLTooling - C++ - Version 1.5.5
** Bug
* [CPPXT-102] - BOOST autoconf macros break with gcc5
Release Notes - XMLTooling - C++ - Version 1.5.4
** Bug
* [CPPXT-97] - Segfault in HTTPResponse::setResponseHeader when used to
clear a header
* [CPPXT-99] - Slightly incorrect User-Agent string with libcurl requests
** Task
* [CPPXT-100] - Update Windows build to latest libraries
** Improvement
* [CPPXT-101] - Disable SSLv3 by default in SOAP client
This is part of fixing PR pkg/50354
Problems found locating distfiles:
Package cabocha: missing distfile cabocha-0.68.tar.bz2
Package convertlit: missing distfile clit18src.zip
Package php-enchant: missing distfile php-enchant/enchant-1.1.0.tgz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Bugfix
[CPPXT-92] - Update xmlsig 1.1 schema to final CR
Improvements
[CPPXT-94] - Configuration check should check for missing private key
[CPPXT-95] - Improve logging when libcurl is built without OpenSSL
1.5.2:
Bugfixes
[CPPXT-89] - Regression in deprecated catalog_path option during initialization
[CPPXT-90] - X509Digest generates base64 based on hex digest instead of binary
Improvement
[CPPXT-91] - KeyInfoResolver code returns empty credential object.
1.5.1:
Improvement
[CPPXT-88] - Support path resolution in ParserPool / catalog files
1.5.0:
Bugfixes
[CPPXT-76] - Remove compile time version output where possible.
[CPPXT-79] - link fails if xml-security-c library outside default link path
[CPPXT-83] - Transport layer not handling Last-Modified header correctly
[CPPXT-84] - Problems compiling log4shib on Solaris SPARC 10 with Sun
Studio 12.1 with 64bit libraries
[CPPXT-86] - Small Memory Leak in XMLObjectBuilder::buildFromElement()
Improvements
[CPPXT-70] - Improve remote CRL access and caching support
[CPPXT-78] - Support configuration of name and policy restrictions for the
signature metadata filter (signing certificate)
[CPPXT-82] - libcurl, ExplicitKeyTrustEngine, PKIX could provide additional
debug information
[CPPXT-87] - Libcurl versions before 7.20 do not refresh caches of IdP IP
address look-ups - this breaks SAML1 attribute query if the IdP's
IP address is changed
Bug
* User-Agent string for AttributeQuery is throwing junk into request
* Chaining TrustEngine doesn't clear matching criteria between engines, so
TrustEngine ordering affects the results.
New Feature
* Implement support for fetching CRLs based on the CRL distribution point
extension
interface to XML processing, particularly in light of signing and encryption.
This package includes two alternate library versions, one with security support,
and one so-called "lite" version without that support.
