Control: severity -1 important
Reducing the severity because XSLT can be regarded as a general
programming language, and not all programming language implementations
are protected against infinite recursion anyway.
On 2014-10-07 08:55:46 -0700, Andrew Ayer wrote:
Dear Maintainer,
I do not
Processing control commands:
severity -1 important
Bug #718315 [xalan] xalan: With recursive xsl:call-template, xalan makes the
whole system freeze
Severity set to 'important' from 'grave'
--
718315: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718315
Debian Bug Tracking System
Contact
Dear Maintainer,
I do not believe that this bug constitutes a security vulnerability or
that it deserves grave severity.
To be exploited remotely, you have to execute an untrusted XSLT
stylesheet, which is similar to executing untrusted arbitrary code, and
is a bad idea for reasons much more
3 matches
Mail list logo
