JDK-8219013 : Update Apache Santuario (XML Signature) to version 2.1.3
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Affected Version: 13
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2019-02-14
  • Updated: 2021-06-22
  • Resolved: 2019-05-07
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 7 JDK 8 Other
11.0.5Fixed 7u321Fixed 8u231Fixed openjdk8u282Fixed
Related Reports
Duplicate :  
Relates :  
Relates :  
Relates :  
Relates :  
Relates :  
Relates :  
Sub Tasks
JDK-8230839 :  
Description
Update the Apache Santuario code in the JDK to the latest release at http://santuario.apache.org/javareleasenotes.html (currently 2.1.3).
Comments
Fix Request (jdk8u) Requesting a jdk8u backport approval of this fix for parity with Oracle JDK. The JDK 11 changeset does not apply cleanly to jdk8u-dev and requires adjustments. The adjusted webrev below passes jdk_tier1 and the jdk_security tests. 8u webrev: https://cr.openjdk.java.net/~ebaron/jdk8u/JDK-8219013/webrev.00/ 8u RFRs: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-August/012599.html https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-November/013056.html
25-11-2020

8u review approval: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-November/013066.html
25-11-2020

8u review continuation: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-November/013056.html
24-11-2020

8u RFR: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-August/012599.html
28-10-2020

Fix request (11u) Need to have this backported to jdk11u to match Oracle. It's targeted for 11.0.5, so adding jdk11u-critical-request. Patch applies cleanly and testing shows no regressions.
04-09-2019

noreg-other. This is a sync with upstream repo at https://www.apache.org/dyn/closer.lua/santuario/java-library/2_1_3/xmlsec-2.1.3-source-release.zip.
07-05-2019