Thanks for sharing the info. Does Apache Xerces C++ 3.0.1 is backward compatible. Currently we are using Apache Xerces C++ 2.7.0 in our application. Does it requires our application to be updated to support new version.
With Regards Atul Parti On Mon, Feb 1, 2010 at 6:18 PM, Boris Kolpackov <bo...@codesynthesis.com>wrote: > Atul Parti <atulpa...@gmail.com> writes: > > > is there any patch or maybe any latest version which has handle this > > issue and can be used directly. > > If you refer to the CVE-2009-1885 vulnerability, then it has been > fixed in the just-released Xerces-C++ 3.1.0. > > Boris > > > -- > Boris Kolpackov, Code Synthesis > http://codesynthesis.com/~boris/blog > Open-source <http://codesynthesis.com/%7Eboris/blog%0AOpen-source> XML > data binding for C++ http://codesynthesis.com/products/xsd > XML data binding for embedded systems > http://codesynthesis.com/products/xsde > Command line interface to C++ compiler > http://codesynthesis.com/projects/cli > > --------------------------------------------------------------------- > To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org > For additional commands, e-mail: c-dev-h...@xerces.apache.org > >
