[jira] [Commented] (XERCESC-2257) symbol not found in flat namespace (_xercesc_messages_3_2_dat)

Sat, 16 Nov 2024 05:16:20 -0800 


    [ 
https://issues.apache.org/jira/browse/XERCESC-2257?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17898877#comment-17898877
 ] 

Scott Cantor commented on XERCESC-2257:
---------------------------------------

> I asked you a specific question and you give a wishy-washy answer like this? 
> There is a large number of
> applications that use Xerces-C++ only for parsing trusted input. What is the 
> safety implication of this?

Almost by definition, the safety implications are that an application would be 
vulnerable to privilege escalation. That's literally what most non-networked 
security issues do. Not everyone uses this code strictly for trusted input and 
most XML vulnerabilities are largely evaluated in that context.

> Also please let me know when you wish to stop being a release manager so that 
> we have some transition
> period for me to take over.

Is mid-2025 too soon? The absolute upper bound would probably have been some 
time in 2026 at this point anyway.

> symbol not found in flat namespace (_xercesc_messages_3_2_dat)
> --------------------------------------------------------------
>
>                 Key: XERCESC-2257
>                 URL: https://issues.apache.org/jira/browse/XERCESC-2257
>             Project: Xerces-C++
>          Issue Type: Bug
>    Affects Versions: 3.3.0
>            Reporter: Ryan Carsten Schmidt
>            Priority: Major
>
> Software linking with libxerces-c-3.3.dylib fails to work:
>  
> {noformat}
> dyld[5155]: symbol not found in flat namespace (_xercesc_messages_3_2_dat)
> {noformat}
>  
> This was reported to MacPorts here: [https://trac.macports.org/ticket/71304]
> This is a regression; 3.2.4 didn't have this problem.
> Surely for version 3.3.x on these lines {{3_2}} should be changed to 
> {{{}3_3{}}}?
> [https://github.com/apache/xerces-c/blob/v3.3.0/src/xercesc/util/MsgLoaders/ICU/ICUMsgLoader.cpp#L54-L55]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to