[
https://issues.apache.org/jira/browse/WSS-710?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-710:
Fix Version/s: 4.0.0
3.0.4
> Implementation of the configuration opti
With 3 binding +1 votes, and 2 non-binding +1 votes, this vote passes.
I'll do the release.
Colm.
On Mon, Feb 26, 2024 at 12:18 PM Jim Ma wrote:
>
> +1
>
> Jim
>
> On Thu, Feb 22, 2024 at 10:25 PM Colm O hEigeartaigh
> wrote:
>>
>> This is a vote to releas
This is a vote to release Apache WSS4J 3.0.3. It contains an update to
use XML Security for Java 3.0.4 and functionality to support key
agreement using ECDH-ES.
Release notes: https://issues.apache.org/jira/projects/WSS/versions/12353796
Artifacts:
[
https://issues.apache.org/jira/browse/WSS-706?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-706.
-
Resolution: Fixed
> Support for Key Agreement using ECDH
[
https://issues.apache.org/jira/browse/WSS-709?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-709.
-
Resolution: Fixed
> Add more setter methods for AlgorithmSuite$AlgorithmSuiteT
[
https://issues.apache.org/jira/browse/WSS-709?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-709:
Fix Version/s: 4.0.0
3.0.3
> Add more setter methods for AlgorithmSu
[
https://issues.apache.org/jira/browse/WSS-706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17810963#comment-17810963
]
Colm O hEigeartaigh commented on WSS-706:
-
Yes that kind of workaround would be fine [~jrihtarsic
[
https://issues.apache.org/jira/browse/WSS-706?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-706:
Fix Version/s: 3.0.3
> Support for Key Agreement using ECDH
[
https://issues.apache.org/jira/browse/WSS-706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17810920#comment-17810920
]
Colm O hEigeartaigh commented on WSS-706:
-
[~jrihtarsic] I committed it to 3.0.x-fixes, however
[
https://issues.apache.org/jira/browse/WSS-706?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-706:
Fix Version/s: 4.0.0
> Support for Key Agreement using ECDH
[
https://issues.apache.org/jira/browse/WSS-708?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-708.
-
Resolution: Fixed
> Support for EdDSA keys and ED25519 ED448 and signature algori
[
https://issues.apache.org/jira/browse/WSS-706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17807076#comment-17807076
]
Colm O hEigeartaigh commented on WSS-706:
-
Waiting for a new PR to be created against master branch
[
https://issues.apache.org/jira/browse/WSS-708?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-708:
Fix Version/s: 4.0.0
3.0.3
> Support for EdDSA keys and ED25519 ED
[
https://issues.apache.org/jira/browse/WSS-707?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-707.
---
> Update Santuario to fix CVE-2023-44
[
https://issues.apache.org/jira/browse/WSS-705?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-705.
---
> Add SBOMs to published packages
> ---
>
>
With 3 binding +1 votes, and no other votes, this vote passes. I'll do
the release.
Colm.
On Tue, Oct 31, 2023 at 9:11 AM Alessio Soldano wrote:
>
> +1
>
> thanks!
>
> On Tue, Oct 24, 2023 at 10:59 AM Colm O hEigeartaigh
> wrote:
>>
>> This is a vote to rel
This is a vote to release Apache WSS4J 3.0.2 and 2.4.3. The main fix
is an upgrade to XML Security to pick up a recent CVE fix.
3.0.2:
Artifacts: https://repository.apache.org/content/repositories/orgapachews-1099/
Issues Fixed:
[
https://issues.apache.org/jira/browse/WSS-707?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-707.
-
Resolution: Fixed
> Update Santuario to fix CVE-2023-44
Colm O hEigeartaigh created WSS-707:
---
Summary: Update Santuario to fix CVE-2023-44483
Key: WSS-707
URL: https://issues.apache.org/jira/browse/WSS-707
Project: WSS4J
Issue Type: Bug
[
https://issues.apache.org/jira/browse/WSS-705?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-705.
-
Resolution: Fixed
> Add SBOMs to published packa
[
https://issues.apache.org/jira/browse/WSS-705?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-705:
Fix Version/s: (was: 2.3.5)
> Add SBOMs to published packa
Colm O hEigeartaigh created WSS-705:
---
Summary: Add SBOMs to published packages
Key: WSS-705
URL: https://issues.apache.org/jira/browse/WSS-705
Project: WSS4J
Issue Type: Task
[
https://issues.apache.org/jira/browse/WSS-704?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-704:
Fix Version/s: 4.0.0
> Upgrade to XML Security 4.
Colm O hEigeartaigh created WSS-704:
---
Summary: Upgrade to XML Security 4.0.0
Key: WSS-704
URL: https://issues.apache.org/jira/browse/WSS-704
Project: WSS4J
Issue Type: Task
[
https://issues.apache.org/jira/browse/WSS-703?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-703.
-
Resolution: Fixed
> Upgrade to OpenSAML v5
> --
>
>
Colm O hEigeartaigh created WSS-703:
---
Summary: Upgrade to OpenSAML v5
Key: WSS-703
URL: https://issues.apache.org/jira/browse/WSS-703
Project: WSS4J
Issue Type: Task
Reporter
[
https://issues.apache.org/jira/browse/WSS-702?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17766266#comment-17766266
]
Colm O hEigeartaigh commented on WSS-702:
-
OK closing ticket.
> Process hangs when a signat
[
https://issues.apache.org/jira/browse/WSS-702?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-702.
-
Resolution: Fixed
> Process hangs when a signature is added and server not reacha
FYI I created a new 3_0_x-fixes branch for WSS4J and bumped master to
4.0.0-SNAPSHOT. I am going to merge an update to XML Security
4.0.0-SNAPSHOT and also OpenSAML 5.x. WSS4J 4.0.0-SNAPSHOT will
require Java 17.
Colm.
-
To
+1, all CXF tests pass with it.
Colm.
On Fri, Sep 8, 2023 at 7:38 AM Oscar Westra van Holthe - Kind
wrote:
>
> Hi all,
>
> +1 (non-binding) to release version 2.3.1.
>
> I've successfully run the tests on my project that depends on the
> xmlschema-walker artefact, that requires one of the
[
https://issues.apache.org/jira/browse/WSS-701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17747756#comment-17747756
]
Colm O hEigeartaigh commented on WSS-701:
-
Hi, can you submit a pull request for the change
[
https://issues.apache.org/jira/browse/WSS-700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=1772#comment-1772
]
Colm O hEigeartaigh commented on WSS-700:
-
I've added it for WSSecSignature as requested
[
https://issues.apache.org/jira/browse/WSS-700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=1770#comment-1770
]
Colm O hEigeartaigh commented on WSS-700:
-
[~phax] I'm not sure it makes sense to add a Provider
[
https://issues.apache.org/jira/browse/WSS-693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-693.
---
> Check for CVE/CVSS scores and fail build is severity is over a thresh
[
https://issues.apache.org/jira/browse/WSS-699?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-699.
---
> org.apache.wss4j.dom.transform.STRTransform not compliant with Oracle s
[
https://issues.apache.org/jira/browse/WSS-700?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-700.
---
> WSSecEncrypt cannot set Security Provi
With 3 binding +1 votes, and two non-binding +1 votes, this vote
passes. I'll do the release.
Colm.
On Fri, Jul 14, 2023 at 1:48 AM Jim Ma wrote:
>
> +1
>
> On Wed, Jul 12, 2023 at 11:55 PM Colm O hEigeartaigh
> wrote:
>>
>> This is a vote to release Apach
This is a vote to release Apache WSS4J 3.0.1, 2.4.2, 2.3.4.
3.0.1:
- Issues fixed:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310063=12352384
- Git tag: https://github.com/apache/ws-wss4j/releases/tag/wss4j-3.0.1
- Artifacts:
[
https://issues.apache.org/jira/browse/WSS-699?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-699.
-
Resolution: Fixed
> org.apache.wss4j.dom.transform.STRTransform not compliant with Ora
[
https://issues.apache.org/jira/browse/WSS-699?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-699:
Fix Version/s: 2.4.2
3.0.1
> org.apache.wss4j.dom.transform.STRTransf
[
https://issues.apache.org/jira/browse/WSS-700?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-700:
Fix Version/s: 3.0.1
> WSSecEncrypt cannot set Security Provi
[
https://issues.apache.org/jira/browse/WSS-700?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-700.
-
Resolution: Fixed
> WSSecEncrypt cannot set Security Provi
[
https://issues.apache.org/jira/browse/WSS-700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17741511#comment-17741511
]
Colm O hEigeartaigh commented on WSS-700:
-
I added a new constructor for WSSecEncrypt that passes
[
https://issues.apache.org/jira/browse/WSS-700?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-700:
Fix Version/s: 2.3.4
2.4.2
> WSSecEncrypt cannot set Security Provi
[
https://issues.apache.org/jira/browse/WSS-693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-693.
-
Resolution: Fixed
> Check for CVE/CVSS scores and fail build is severity is o
[
https://issues.apache.org/jira/browse/WSS-693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-693:
Fix Version/s: 2.3.4
2.4.2
> Check for CVE/CVSS scores and fail bu
Hi,
You need to call WSSConfig.init() before any call to
org.apache.xml.security.Init.init(). For example see:
https://github.com/apache/ws-wss4j/blob/4c5dda00904ea7217b4e0add80024973313466ea/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureWSS651Test.java#L65
Colm.
On Wed,
[
https://issues.apache.org/jira/browse/WSS-687?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-687.
---
> Upgrade OpenSAML to v4.1.x
> --
>
>
[
https://issues.apache.org/jira/browse/WSS-695?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-695.
---
> Unmarshalling failure with OpenSAM
[
https://issues.apache.org/jira/browse/WSS-694?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-694.
---
> Move wss4j to native jakarta namesp
[
https://issues.apache.org/jira/browse/WSS-696?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-696.
---
> Upgrade ehcache to 3.10.0 with jakarta classf
With 5 +1 votes, and no other votes, this vote passes. I'll do the release.
Colm.
On Sun, Oct 9, 2022 at 3:43 AM Jim Ma wrote:
>
> +1
>
> On Thu, Oct 6, 2022 at 4:39 PM Alessio Soldano wrote:
>>
>> +1
>>
>> Thanks!
>>
>> On Tue, Oct 4
This is a vote to release Apache WSS4J 3.0.0. This is a new major
release which has transitioned to the jakarta namespace, and contains
new major dependency upgrades for OpenSAML (4.x) and XML Security
(3.x). It is designed to be used with CXF 4.0.0.
Artifacts:
[
https://issues.apache.org/jira/browse/WSS-698?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-698.
-
Resolution: Not A Problem
You have the option of overriding the WSHandler doSenderAction
Hi Jim,
At this point I don't have anything else to do for WSS4J itself. I
have some work to do on a new Santuario release, I'm hoping to get
this done over the next 2/3 weeks. I also want to review some
outstanding CXF issues to see if there's anything that needs to go
into WSS4J before the
Hi Jim,
>From a quick glance, most if not all of these are in parts of OpenSAML
that aren't used by WSS4J. Ultimately if all the tests (including CXF)
pass without any problems then I suppose we're OK?
Colm.
On Mon, May 30, 2022 at 7:22 AM Jim Ma wrote:
>
> Hi Colm,
> I searched the javax
+1.
The year in the NOTICE file should be updated to 2022 for the next release.
Colm.
On Tue, May 24, 2022 at 12:30 AM Daniel Kulp wrote:
>
> +1
>
> Dan
>
>
> On May 14, 2022, at 5:11 PM, robertlazarski wrote:
>
> This is a vote to release Apache Axiom 1.4.0
>
> Git tag:
[
https://issues.apache.org/jira/browse/WSS-697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17535116#comment-17535116
]
Colm O hEigeartaigh commented on WSS-697:
-
What change do you suggest to be made to how the manually
[
https://issues.apache.org/jira/browse/WSS-696?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-696.
-
Resolution: Fixed
> Upgrade ehcache to 3.10.0 with jakarta classf
[
https://issues.apache.org/jira/browse/WSS-687?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-687.
-
Resolution: Fixed
> Upgrade OpenSAML to v4.
[
https://issues.apache.org/jira/browse/WSS-687?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-687:
Fix Version/s: 3.0.0
> Upgrade OpenSAML to v4.
[
https://issues.apache.org/jira/browse/WSS-687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522800#comment-17522800
]
Colm O hEigeartaigh commented on WSS-687:
-
That's a good idea Rob. I'm not concerned about the issue
[
https://issues.apache.org/jira/browse/WSS-687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522265#comment-17522265
]
Colm O hEigeartaigh commented on WSS-687:
-
Is there a way we can only get the Opensaml artifacts
[
https://issues.apache.org/jira/browse/WSS-695?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-695.
-
Resolution: Fixed
> Unmarshalling failure with OpenSAM
Colm O hEigeartaigh created WSS-695:
---
Summary: Unmarshalling failure with OpenSAML 4
Key: WSS-695
URL: https://issues.apache.org/jira/browse/WSS-695
Project: WSS4J
Issue Type: Improvement
[
https://issues.apache.org/jira/browse/WSS-655?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17516927#comment-17516927
]
Colm O hEigeartaigh commented on WSS-655:
-
It can be tested against the "DOM" implementat
[
https://issues.apache.org/jira/browse/WSS-694?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-694.
-
Resolution: Fixed
> Move wss4j to native jakarta namesp
[
https://issues.apache.org/jira/browse/WSS-694?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-694:
Fix Version/s: 3.0.0
> Move wss4j to native jakarta namesp
With 3 binding +1 votes, and no other votes, this vote passes.
Colm.
On Thu, Feb 17, 2022 at 11:27 PM Alessio Soldano wrote:
>
> +1
>
> Thanks!
>
> On Fri, Feb 11, 2022 at 3:26 PM Colm O hEigeartaigh
> wrote:
>>
>> This is a vote to release Apac
Hi Rob,
Yes please prepare a PR and I'll review. If you could add an empty
file as well so that we can easily add false positives, that would be
great.
Colm.
On Sat, Feb 12, 2022 at 11:10 PM Rob Leland wrote:
>
> I noticed that the wss4J build mainly uses the OWASP dependency-check-plugin
>
This is a vote to release Apache WSS4J 2.4.1. It fixes an issue with
the timestamp in the WSS4J jars being invalid.
Artifacts: https://repository.apache.org/content/repositories/orgapachews-1088/
Git tag: https://github.com/apache/ws-wss4j/releases/tag/wss4j-2.4.1
+1 from me.
Colm.
i.e project leadership.
>
> I'm on the PMC however I help maintain another Web Services project: Axiom.
>
> For the WSS4J project, the release manager has been this individual below.
>
> Colm O hEigeartaigh
>
> You may want to wait for him to respond. Or the VP of the We
[
https://issues.apache.org/jira/browse/WSS-690?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-690.
-
Resolution: Won't Fix
> No bundle jar available for Apache WSS4J » 2.
[
https://issues.apache.org/jira/browse/WSS-690?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17445760#comment-17445760
]
Colm O hEigeartaigh commented on WSS-690:
-
We don't ship a binary distribution any more, as projects
eck for
> null, so I would need to look at the change in a larger context to determine
> if an issue was introduced.
>
> On Fri, Nov 12, 2021 at 4:40 AM Colm O hEigeartaigh
> wrote:
>>
>> What change are you referring to, can you point me to a line of code?
>>
What change are you referring to, can you point me to a line of code?
Colm.
On Tue, Nov 9, 2021 at 9:50 PM Rob Leland wrote:
>
> Was the change from "".equals(var) to var.length evaluated for NPE errors?
> The previous method NPE were avoided.
>
> On Tue, Nov 9, 2021,
Thanks everyone, the vote passes with 6 +1 votes, at least 3 of them binding.
Colm.
On Mon, Nov 8, 2021 at 11:26 PM Sagara Gunathunga
wrote:
>
> +1
>
> Thanks!
>
> On Tuesday, November 2, 2021, Colm O hEigeartaigh wrote:
>>
>> This is a vote to release A
This is a vote to release Apache WSS4J 2.4.0. Even though this is a
new major release, the changes are somewhat minimal - the main purpose
of the release is to pick up a new major version of Apache Santuario
(2.3.0).
Git tag: https://github.com/apache/ws-wss4j/releases/tag/wss4j-2.4.0
Artifacts:
[
https://issues.apache.org/jira/browse/WSS-643?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17434353#comment-17434353
]
Colm O hEigeartaigh commented on WSS-643:
-
The NPE only happens when there is a problem with setting
Hi,
I am disabling dependabot for Axiom + WSS4J, as it was brought to my
attention recently that it's against ASF policy to allow a tool
write-access to code repositories:
https://lists.apache.org/thread.html/r5b376dd196b84a54e0e08ffa371233a2fa9c65c4ce25c97bd27c666a%40%3Cbuilds.apache.org%3E
With 5 +1 votes, including at least 3 binding +1 votes, this vote
passes - I'll do the release.
Colm.
On Fri, Sep 17, 2021 at 8:17 PM Alessio Soldano wrote:
>
> +1
> Thanks
>
> On Tuesday, September 14, 2021, Colm O hEigeartaigh
> wrote:
> > This is a vote to re
With 5 +1 votes, including at least 3 binding +1 votes, this vote
passes - I'll do the release.
Colm.
On Fri, Sep 17, 2021 at 8:17 PM Alessio Soldano wrote:
>
> +1
> Thanks
>
> On Tuesday, September 14, 2021, Colm O hEigeartaigh
> wrote:
> > This is a vote to re
+1.
Colm.
On Wed, Sep 15, 2021 at 12:32 PM Freeman Fang wrote:
>
> +1
>
> Thanks!
> Freeman
>
> On Tue, Sep 14, 2021 at 2:49 PM Daniel Kulp wrote:
>>
>> The primary change in this release is adding support for Java 17 and
>> dropping support for Java 7. It also contains a few bug fixes:
>>
+1.
Colm.
On Wed, Sep 15, 2021 at 12:31 PM Freeman Fang wrote:
>
> +1
>
> Thanks
> Freeman
>
> On Tue, Sep 14, 2021 at 2:47 PM Daniel Kulp wrote:
>>
>> This is a vote to release Neethi 3.2.0. Updates include:
>>
>>
>> 1) Support Java 7 has been dropped, but support for Java 17 has been
>>
[
https://issues.apache.org/jira/browse/WSS-688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17415406#comment-17415406
]
Colm O hEigeartaigh commented on WSS-688:
-
The signature verification errors would appear in Apache
This is a vote to release Apache WSS4J 2.2.7. It contains a few
trivial code changes as well as updates to fix CVE issues in a few
dependencies. This is the last anticipated release of WSS4J 2.2.x.
Artifacts: https://repository.apache.org/content/repositories/orgapachews-1082/
Git tag:
This is a vote to release Apache WSS4J 2.3.3. It contains a few
trivial code changes as well as updates to fix CVE issues in a few
dependencies.
Artifacts: https://repository.apache.org/content/repositories/orgapachews-1081/
Git tag: https://github.com/apache/ws-wss4j/releases/tag/wss4j-2.3.3
+1
[
https://issues.apache.org/jira/browse/WSS-688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17408865#comment-17408865
]
Colm O hEigeartaigh commented on WSS-688:
-
If you turn on debug logging you should see exactly where
[
https://issues.apache.org/jira/browse/WSS-688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17407094#comment-17407094
]
Colm O hEigeartaigh commented on WSS-688:
-
What stack trace do you see in the logs when it starts
[
https://issues.apache.org/jira/browse/WSS-687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17396679#comment-17396679
]
Colm O hEigeartaigh commented on WSS-687:
-
WSS4J master (2.5.0-SNAPSHOT) has moved to Java 11
Hi Rob,
Any contributions are welcome! I would prefer not to introduce a
dependency on powermock, it shouldn't be too much extra work to verify
the changes in a test.
Colm.
On Wed, Jul 14, 2021 at 11:07 PM Rob Leland wrote:
>
> For instance,
>
> Would the developers be open to adding a
+1.
Colm.
On Thu, Jul 1, 2021 at 10:29 PM robertlazarski wrote:
>
> This is a vote to release Apache Axiom 1.3.0
>
> Git tag: https://github.com/apache/ws-axiom/releases/tag/1.3.0
>
> Distributions: https://dist.apache.org/repos/dist/dev/ws/axiom/
>
> Maven artifacts:
>
[
https://issues.apache.org/jira/browse/WSS-686?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-686.
-
Resolution: Won't Fix
> org.apache.ws.security.util.XmlSchemaDateFormat no longer in 2.
[
https://issues.apache.org/jira/browse/WSS-686?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17359817#comment-17359817
]
Colm O hEigeartaigh commented on WSS-686:
-
It was removed as part of https://issues.apache.org/jira
Hi Robert,
I am active on some of the Apache WS projects (e.g. WSS4J), but I'm
not involved with Axiom. Andreas (https://github.com/veithen) is the
only active participant in Axiom in the project.
Does the current 1.2.x branch
(https://github.com/apache/ws-axiom/commits/1.2.x) have everything
[
https://issues.apache.org/jira/browse/WSS-685?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-685.
---
> Signature before timestamp results in signing after encrypt
With 3 binding +1 votes, and no other votes, this vote passes - I'll
do the release.
Colm.
On Mon, May 24, 2021 at 10:05 AM Alessio Soldano wrote:
>
> +1
>
> Thanks!
>
> On Tue, May 18, 2021 at 10:41 AM Colm O hEigeartaigh
> wrote:
>>
>> This is a vote to re
This is a vote to release Apache WSS4J 2.3.2. It only fixes a single
bug
(https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310063=12349519),
but it contains OpenSAML and Apache Santuario upgrades, as well as a
security fix for Guava, and an update for Joda-Time.
Artifacts:
Hi,
I plan to call a vote on WSS4J 2.3.2 early next week. Let me know ASAP
if there are any other changes required.
Colm.
-
To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org
For additional commands, e-mail:
[
https://issues.apache.org/jira/browse/WSS-685?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-685.
-
Resolution: Fixed
> Signature before timestamp results in signing after encrypt
1 - 100 of 2234 matches
Mail list logo