Package xml-security appears to be using Java generics, but generates class files in format older than 49.0, which corresponds to J2SE 5.0, in which generics were introduced. Please update this package to generate classes in format 49.0 or above. This corresponds to -target 1.5 option of javac (or ecj). For more information, see bug #842394
This appears to have been fixed by the update to 1.5.3 in Fedora 18