Release 1.2.0 (end of life)

Release date: 2013-04-17

For a complete list of issues addressed in this release, see https://issues.shibboleth.net/jira/issues/?filter=10273.

• XSTJ-38: blacklist MD5 algorithm during signature verification
• XSTJ-33: release process for XmlSecTool 1.2.0
• XSTJ-31: add ECDSA elliptic curve signature support
• XSTJ-28: provide blacklist ability for SHA-1 during signature verification
• XSTJ-27: compatibility with Apache Santuario 1.5.x
• XSTJ-24: should not use xmlsec IdResolver class
• XSTJ-23: stabilise xmlsectool build, update dependencies
• XSTJ-22: non-zero exit codes from shell script
• XSTJ-20: pass JVMOPTS environment variable through xmlsectool.sh
• XSTJ-19: pkcs11Config option fails to use indicated keystore provider
• XSTJ-17: multiple errors in --help documentation
• XSTJ-16: misleading error message on failed schema validation
• XSTJ-15: XmlSecTool fails with String index out of range -1
• XSTJ-14: allow specification of Digest and Signature algorithms when signing
• XSTJ-5: ship RPM packaging files with xmlsectool

Release 1.1.5

Release date: 2011-07-25

• XSTJ-13: failure to fetch via http if web server doesn't present a content-encoding header field
• Security issue: additional validation of signatures to protect against signature wrapping attacks similar to CVE-2011-1411

Release 1.1.4

• XTSJ-10: Correct class and command name
• XSTJ-9: Add support for reading/writting base64, deflate, gzip encoded files
• XTSJ-8: xmlsectool generates spurious xmlns:xml definitions in output
• XTSJ-7: verify xmlsectool dependencies

Release 1.1.3

• XSTJ-6: program fails with a NullPointerException when using a signing key from the filesystem without a password

Release 1.1.2

• XSTJ-1: Update dependency libraries for version 1.1.2
• XSTJ-2: non-zero status code not returned when a signature is invalid