Hi, I've just heard about this vulnerability in Xerces-C 3.2.2.
Although I can see the advisory, there's no mention of it in the bug list. Is this intentional? I was expecting some kind of analysis/response, if not a fix. Looks like it was reported over a year ago. I'm not sure of the timeframe of this sort of thing, maybe it needs to be verified before being acted on? Anyway, I was just wondering what the state of it is and whether there's any "official" response, even if it's still "we're looking at it". Cheers, Graham This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
