Yes, it is a known issue and should be addressed in a future release for which there is no schedule yet.
Gary On Wed, Jun 7, 2023, 14:35 Francis Laverdiere <francis.laverdi...@intact.net> wrote: > Hi, > > > > We updated our dependencies to use Xalan version 2.7.3 to solve the > security vulnerability and discover that there is a missing dependency for > > <dependency> > > <groupId>xalan</groupId> > > <artifactId>serializer</artifactId> > > </dependency> > > in the pom of the xalan 2.7.3. > > Are you aware of that ? Is there something we are missing, or it is an > error on your side? > > > > We compared with the 2.7.2 and the dependency was there. > > Thank you. >
