Hi Gary,
That should be great.
Currently, the XalanJ 2.7.3 RC3 removes the commons BCEL jar that was
bundled with XalanJ previously. Instead, XalanJ 2.7.3 RC3 bundles the
source code of commons BCEL (v 6.5.0) within it along with a fix of
CVE-2022-34169 for BCEL.
If you could, help produce a new version of commons BCEL with the fix
for CVE-2022-34169, then we could include the new commons BCEL jar
within XalanJ 2.7.3 instead of the current way of including commons
BCEL within XalanJ 2.7.3 RC3.
We shall wait for, a new commons BCEL release with the fix, which we
can include within XalanJ 2.7.3's new RC.
On Tue, Oct 4, 2022 at 2:58 PM Gary Gregory <garydgreg...@gmail.com> wrote:
>
> Note that I plan creating a release candidate for Commons BCEL this week.
>
> Gary
--
Regards,
Mukul Gandhi
