On Sat, 2007-10-20 at 23:04 -0400, Mark Thomas wrote: > The mitigations available are: > - - Disable write access until a fixed version is released > - - Limit write access to trusted users > - - Apply the following patch which will be included in the next > releases of 6.0.x, 5.5.x and 4.1.x
Since it's an obvious hacking attempt, I chose to use this method instead: documentBuilder.setEntityResolver (new EntityResolver() { public InputSource resolveEntity(String publicId, String systemId) throws SAXException, IOException { return new InputSource(new StringReader("")); } }); -> no logging, replace with blank text (I was using an ISE right before instead of an input source, but there's no real justification) Rémy --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]