On 08/11/09 13:46, Alberto Massari wrote:
Hi Vinu,
the security report has the link to the SVN change, that you can apply
to the version of Xerces you are using.
The Security report contains the link to specific file where it is
fixed. But we are not building Xerces source, we are only referring to
the relevant libraries. Hence the request for a patch on top of the 2.x
version.
Thanks,
Vinu
Alberto
Vinutha Nagaraju wrote:
Hi,
We are using Xerces 2.6.0 within our product and we have recently read
about the following security issue with Xerces.
http://www.cert.fi/en/reports/2009/vulnerability2009085.html
We would like to know in which Version of Xerces is the fix available ?
Can we request this to be ported to 2.x series too. Because moving
from 2.x to next major release would mean lot of changes at our
product end which is under sustaining phase. Appreciate if this
request could be accommodated. I am hoping this would eventually help
other users of xerces with similar request.
Thanks,
Vinu
