Hi Lars,
Please log a JIRA to update the Xalan version shipped with FOP. Its not
a difficult change, but let's add it to the list so its not forgotten.
In the meantime, changing the JAR file manually in the lib folder is a
simple enough workaround
Thanks,
Chris
On 09/11/2015 15:19, Lars Teuber wrote:
Hi,
There is a security issue in Xalan < 2.7.2, see:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0107
Are there plans to update fop to the new version or is it possible /
recommended to just update the jar file?
Best regards
Lars
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
