** Changed in: xml-security-c (Ubuntu)
Status: In Progress => Won't Fix
** Changed in: xerces-c (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1482777
We have released 10.1.5 open-vm-tools where VGAuth is dependent on xmlsec1
instead of xml-security-c. Please help enable VGAuth using the following
configure switch --enable-xmlsec1. We have raised the following bug against
17.04 for this issue:
The Debian maintainer reached out to me through the debian bug 856569.
He will be moving from xmlsecurity to xmlsec1 after stretch is released.
He has also updated the package to have a libssl-dev as an alternate
dependency to libssl-1.0-dev (ie. Build-Depends on 'libssl-1.0-dev
|libssl-dev')
I got to this bug through the last merge (LP: #1666430) that pointed to
LP: #1492429 which linked here.
I was also investigating that merge (somehow we got two bug reports open
for the same thing) and I agree with Seth Arnold that it is better
(ubuntu-wise) to use xmlsec1 than xml-security-c +
Hi Ravindra,
You can generate this list yourself using `apt-cache rdepends
"*xmlsec1*"`.
Below is the output for xenial; note that the list is likely to be
different for different releases. :)
Dan
libxmlsec1
Reverse Depends:
libxmlsec1-gcrypt
liblasso3
libarccommon3v5
libaqebics0
Robert, would you mind sharing the list of applications in Ubuntu that
are already using xmlsec1?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1482777
Title:
[MIR] open-vm-tools 10.0.x build
Please note that the CVEs mentioned in the original description are all
about versions prior to 1.7.1. The current version of xml-security is
1.7.3.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Thank you Seth, I will take this feedback to the development team and
see if xmlsec1 is an alternative post-GA. Meanwhile we will build
without the feature that requires this package.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Security team NAK for xml-security-c promotion to main. I will follow up
with Apache security team.
Consider using xmlsec1 instead; I recall liking the codebase when I
reviewed it.
** Changed in: xml-security-c (Ubuntu)
Assignee: Seth Arnold (seth-arnold) => (unassigned)
--
You received
** Changed in: xml-security-c (Ubuntu)
Status: New => In Progress
** Changed in: xml-security-c (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => Seth Arnold
(seth-arnold)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
** Changed in: xerces-c (Ubuntu)
Importance: Medium => High
** Changed in: xml-security-c (Ubuntu)
Importance: Medium => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1482777
Title:
Retargetting this for 16.04.
** Summary changed:
- [MIR] open-vm-tools 9.10.2 build dependencies: xml-security-c and xerces-c
+ [MIR] open-vm-tools 10.0.x build dependencies: xml-security-c and xerces-c
** Changed in: xml-security-c (Ubuntu)
Milestone: ubuntu-15.08 => ubuntu-16.04
**
12 matches
Mail list logo