More info at https://issues.apache.org/jira/browse/XERCESC-2066 The issue is fixed already.
Good luck! Vitaly On Fri, Nov 17, 2017 at 9:12 PM, Brandow, David <david.bran...@sap.com> wrote: > Question from a Xerces-C user: from looking at the NVD (National > Vulnerability Database), it looks like there's a vulnerability, > CVE-2016-2099, which has been raised. I don't see that vulnerability > listed on the Security Advisories page, nor could I find any references to > it in the Users or Developers archives. Can someone comment on whether > this vulnerability has been addressed already, or if there are any plans to > do so in the (reasonably) near future? > > David Brandow > Director of Engineering | SAP Mobile Platform > SAP Waterloo | 445 Wes Graham Way | Waterloo ON CA > T: 519-883-6271 | E: david.bran...@sap.com<mailto:david.bran...@sap.com> > http://www.sap.com > >
