There are two new releases for the Apache XML Security for Java project, which are now available for download. The main feature of the 1.5.2 release is that the default canonicalization algorithm for encryption has changed from inclusive with comments to a new canonicalization algorithm that preserves the physical representation of the element being encrypted. This change fixes a problem where an element might be decrypted to the wrong namespace. The release notes are available here.
The 1.4.7 release fixes a problem with a missing KeyInfo Element when
multiple elements are encrypted, as well as a number of other issues. The release notes are available here.