xml-security-c17 defect - patches in Ubuntu 14.04 and 18.04
We found a bug in Apache Santuario C, related to ECDSA signature generation, few years ego. We provide the fix to the Apache team, and Scott Cantor kindly accepted the fix in the project. How ever the fix was introduced in series 2.x of the the library.
The fix we provide was for the version 1.7.x found in Ubuntu 14.04 and looks like Ubuntu 18.04 is still including a version from series 1.7.x. Our products goes trough certification processes where using source code without patches is something very well seen.
We are interesting in exploring the possibility to start a communication with Ubuntu maintainers team, in order to request including some patches or version upgrades in libraries we are contributing and we are using in products based in Ubuntu minimal 14.04 and 18.04.
I would like to ask for your advice in this matter.
Best Regards,
Alejandro Claro.
Question information
- Language:
- English Edit question
- Status:
- Solved
- Assignee:
- No assignee Edit question
- Solved by:
- Alejandro Claro
- Solved:
- Last query:
- Last reply: