[
https://issues.apache.org/jira/browse/SLING-10953?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17471861#comment-17471861
]
Radu Cotescu commented on SLING-10953:
--------------------------------------
{quote}IIUC it will no longer use the Xalan we embed and instead delegate to
the built-in one. Would that cause the fix for SLING-8321 to become
invalid?{quote}
I have no idea. IBM's JVM was lacking {{org.w3c.dom.ElementTraversal}}, which
{{xalan}} provided.
> Update dependency Antisamy version from 1.5.10 to 1.6.4
> -------------------------------------------------------
>
> Key: SLING-10953
> URL: https://issues.apache.org/jira/browse/SLING-10953
> Project: Sling
> Issue Type: Improvement
> Reporter: Tatyana Vogel
> Priority: Major
> Fix For: XSS Protection API 2.2.18
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> The latest version of AntiSamy is 1.6.4, see
> https://search.maven.org/search?q=g:org.owasp.antisamy%20AND%20a:antisamy .
> We should upgrade to that version, since we embed the AntiSamy bundle and
> there is no other way for consumers of the bundle to upgrade.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
