Skip to content

Release 4.3.0
Compare
Choose a tag to compare
@rsarendus rsarendus released this 29 Nov 13:24
· 121 commits to master since this release
public-4.3.0
2c7d07b

Summary of the major changes since 4.2.2

  • DSS version update to 5.8 (sd-dss.5.8.d4j.1), previously used DSS 5.7. Check changes in DSS here: https://github.com/esig/dss/releases
  • CommonOCSPSource improvements of building certificate chain from OCSP certificate to trust anchor in TSL
  • ContainerBuilder thread-safety improvements
  • TSL TLS truststore update
  • Dependencies update

Known issues

  • We have noticed a decrease in performance with the introduction of properly accessing AIA certificate resources
  • Opening a container that contains signatures, triggers TSL loading (TSL lazy loading does not work as expected)
  • While upgrading from versions older than 2.1.1 be sure that your integration :
    • doesn't use Xalan or XercesImpl dependencies
    • uses a patched Java version (JDK8 or higher)
      Xalan and XercesImpl were used to patch XML vulnerabilities in older java versions. They should be discarded with higher versions because they override default Java XML security.
      If it is not possible to remove Xalan, then you can set your system property to override TransformerFactory : System.setProperty("javax.xml.transform.TransformerFactory","com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl");
Assets 6
Loading