I guess, a vulnerability issue was reported by community some time ago related to XML parsing.
Here's some information about this: http://isc.sans.org/diary.html?storyid=6928 http://svn.apache.org/viewvc?revision=781488&view=revision >From these news items, it seems that Xerces-J was not affected by this. Rather, Xerces-C was affected, and a patch for this is available as reported at the above links. On Fri, Jan 29, 2010 at 10:03 PM, Michael Glavassevich <mrgla...@ca.ibm.com> wrote: > Hi Atul, > > Xerces-J 1.4.3 is rather ancient. This release occurred before I arrived > here so couldn't tell you what issues it may have had. I wouldn't assume the > most recent report against Xerces 2.x would apply since 1.4.x is a > completely different codebase and may never have had that problem. > > Thanks. > > Michael Glavassevich > XML Parser Development > IBM Toronto Lab > E-mail: mrgla...@ca.ibm.com > E-mail: mrgla...@apache.org -- Regards, Mukul Gandhi --------------------------------------------------------------------- To unsubscribe, e-mail: j-users-unsubscr...@xerces.apache.org For additional commands, e-mail: j-users-h...@xerces.apache.org
