I am following up on this issue reported at -
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2625. I see the
following check-in trunk for XMLScanner.java :
http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=572055&r2=787352&pathrev=787353
which apparently fixes the issue.
Question : Can we have a newer drop of Xerces2 which shall include this
critical fix ?, the last one is tagged as 2.9.1, which was made
available 2 years ago.
Thanks,
-/Pankaj
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
