On Sunday 16 August 2009 17:50:21 Ian Clarke wrote: > > Can't we use a 3rd party XML parsing library to get around this > vulnerability?
We should rather nag Sun or the responsible Mac people (I don't know whether they have package management and just not upgraded the package yet or whether Sun did not deploy a new version?) to fix the issue, it is a shame that a remotely exploitable bug is not fixed for weeks. Its not our job, and switching to other libraries would be a major amount of work I guess. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20090816/abbfef63/attachment.pgp>
