Re: [PR] Remove call to Signature.getProvider() in debug log [santuario-xml-security-java]

2023-11-16 Thread via GitHub
coheigea commented on PR #240: URL: https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1815825408 @narras-oss What release do you specifically need a fix in? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to G

Re: [PR] Remove call to Signature.getProvider() in debug log [santuario-xml-security-java]

2023-11-16 Thread via GitHub
narras-oss commented on PR #240: URL: https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1815519461 @coheigea Is there an ETA for next release ? We are unable to upgrade to latest version to get the CVE fix until this fix included (other than copy-pasting this cla

Re: [PR] SANTUARIO-511: Implementation of the Diffie-Hellman-ES key exchange for EC and XEC keys [santuario-xml-security-java]

2023-11-16 Thread via GitHub
jrihtarsic commented on PR #234: URL: https://github.com/apache/santuario-xml-security-java/pull/234#issuecomment-1814298829 Hi @coheigea I would be grateful if you could take a look at it and provide me with your feedback, particularly on the architecture of the implementation. Also,