This is an automated email from the ASF dual-hosted git repository. garydgregory pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/commons-xml.git
commit 87d0615be64d7ef0b2c60fd0211c169b9391d399 Author: Gary Gregory <[email protected]> AuthorDate: Fri Jun 26 17:30:03 2026 +0000 Add the same basic security page as other Commons components. --- src/site/xdoc/security.xml | 56 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/src/site/xdoc/security.xml b/src/site/xdoc/security.xml new file mode 100644 index 0000000..740c550 --- /dev/null +++ b/src/site/xdoc/security.xml @@ -0,0 +1,56 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<document xmlns="http://maven.apache.org/XDOC/2.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/XDOC/2.0 http://maven.apache.org/xsd/xdoc-2.0.xsd";> + <properties> + <title>Apache Commons Security Reports</title> + <author email="[email protected]">Apache Commons Team</author> + </properties> + <body> + <section name="About Security"> + <p> + For information about reporting or asking questions about security, please see + <a href="https://commons.apache.org/security.html";>Apache Commons Security</a>. + </p> + <p>This page lists all security vulnerabilities fixed in released versions of this component. + </p> + <p>Please note that binary patches are never provided. If you need to apply a source code patch, use the building instructions for the component version + that you are using. + </p> + <p> + If you need help on building this component or other help on following the instructions to mitigate the known vulnerabilities listed here, please send + your questions to the public + <a href="mail-lists.html">user mailing list</a>. + </p> + <p>If you have encountered an unlisted security vulnerability or other unexpected behavior that has security impact, or if the descriptions here are + incomplete, please report them privately to the Apache Security Team. Thank you. + </p> + </section> + <section name="Security Vulnerabilities"> + <p>None.</p> + </section> + <section name="Safe Deserialization"> + <p> + For information about safe deserialization, please see <a href="https://commons.apache.org/io/description.html#Safe_Deserialization";>Safe Deserialization</a>. + </p> + </section> + </body> +</document>
