Are you going to report a vulnerability or discuss whether POI is secure in terms of processing XML ?
The Apache Software Foundation strongly encourages people to report security vulnerabilities to the private security mailing list first, before disclosing them in a public forum. See http://www.apache.org/security/ Yegor On Mon, Jan 14, 2013 at 8:46 AM, Jon Gorrono <[email protected]> wrote: > Hello. > > Who can I interact with WRT mitigation of possible XML processing > vulnerabilities in POI? > > I dont know that it is appropriate to be too specific on this list. > > The topic might be more appropriate for the dev list or ? > > Regards. > -- > Jon Gorrono > PGP Key: 0x5434509D - > http{pgp.mit.edu:11371/pks/lookup?search=0x5434509D&op=index} > http{middleware.ucdavis.edu} > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
