https://bz.apache.org/bugzilla/show_bug.cgi?id=66171
--- Comment #9 from Vladimir Sitnikov <sitnikov.vladi...@gmail.com> --- I just wonder: is xalan-j really that bad? What if we just fix the CVE in question and release a newer Xalan version? Then **everybody** would benefit from that. -- You are receiving this mail because: You are the assignee for the bug.
