On Sat, 2007-10-20 at 23:04 -0400, Mark Thomas wrote:
> The mitigations available are:
> - - Disable write access until a fixed version is released
> - - Limit write access to trusted users
> - - Apply the following patch which will be included in the next
> releases of 6.0.x, 5.5.x and 4.1.x
Since it's an obvious hacking attempt, I chose to use this method
instead:
documentBuilder.setEntityResolver
(new EntityResolver() {
public InputSource resolveEntity(String publicId,
String systemId)
throws SAXException, IOException {
return new InputSource(new StringReader(""));
}
});
-> no logging, replace with blank text (I was using an ISE right before
instead of an input source, but there's no real justification)
Rémy
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
