scantor commented on PR #47:
URL: https://github.com/apache/xerces-c/pull/47#issuecomment-1688414268
> I will consider becoming a committer to this project to fix this
> vulnerability
Only if you're in it for the long haul; it's a commitment (pun intended) to
actually sustain the code.
johnjamesmccann commented on PR #47:
URL: https://github.com/apache/xerces-c/pull/47#issuecomment-1688371818
[Apache-496067-disclosure-report.pdf](https://github.com/apache/xerces-c/files/12409994/Apache-496067-disclosure-report.pdf)
Hello Scott, here is the vulnerability report as
johnjamesmccann commented on PR #47:
URL: https://github.com/apache/xerces-c/pull/47#issuecomment-1688282792
Thanks for your response Scott,
How does it get to be known that the "fix is correct"? It appears that the
tests are passing and there are no regressions. This hotfix is
scantor commented on PR #47:
URL: https://github.com/apache/xerces-c/pull/47#issuecomment-1688246591
It has not, and I don't think it's even known that the fix is correct.