XML Security 1.4.3 Release now available for download

The Apache XML Security team is pleased to announce the release of
version 1.4.3 of the Java xml-security library [1, 2]. This release
provides many bug fixes and a fix for the recently announced HMAC
vulnerability in the XML Signature specification [3]. You should upgrade
to this release as soon as possible.

Please see the changelog [4] for more information on what has been fixed.

Thanks,
Sean

[1] http://santuario.apache.org/
[2] http://santuario.apache.org/dist/java-library/
[3] http://www.kb.cert.org/vuls/id/466161
[4] http://santuario.apache.org/changes.html

...and it's now available in the central maven repository:

http://repo2.maven.org/maven2/org/apache/santuario/xmlsec/1.4.3/

Colm.

-----Original Message-----
From: Sean.Mullan@... [mailto:Sean.Mullan@...]
Sent: 22 July 2009 18:23
To: security-dev@...
Subject: XML Security 1.4.3 Release now available for download

The Apache XML Security team is pleased to announce the release of
version 1.4.3 of the Java xml-security library [1, 2]. This release
provides many bug fixes and a fix for the recently announced HMAC
vulnerability in the XML Signature specification [3]. You should upgrade

to this release as soon as possible.

Please see the changelog [4] for more information on what has been
fixed.

Thanks,
Sean

[1] http://santuario.apache.org/
[2] http://santuario.apache.org/dist/java-library/
[3] http://www.kb.cert.org/vuls/id/466161
[4] http://santuario.apache.org/changes.html