[
https://issues.apache.org/jira/browse/SLING-10953?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17470501#comment-17470501
]
Robert Munteanu commented on SLING-10953:
-----------------------------------------
[~radu] - I am not sure what the update from above (
https://issues.apache.org/jira/browse/SLING-10953?focusedCommentId=17470436&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17470436
) means for us. IIUC it will no longer use the Xalan we embed and instead
delegate to the built-in one. Would that cause the fix for SLING-8321 to become
invalid?
> Update dependency Antisamy version from 1.5.10 to 1.6.4
> -------------------------------------------------------
>
> Key: SLING-10953
> URL: https://issues.apache.org/jira/browse/SLING-10953
> Project: Sling
> Issue Type: Improvement
> Reporter: Tatyana Vogel
> Priority: Major
> Fix For: XSS Protection API 2.2.18
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The latest version of AntiSamy is 1.6.4, see
> https://search.maven.org/search?q=g:org.owasp.antisamy%20AND%20a:antisamy .
> We should upgrade to that version, since we embed the AntiSamy bundle and
> there is no other way for consumers of the bundle to upgrade.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
