subject:"RE\: Xml Vulnerability issue with C Xerces"

RE: Xml Vulnerability issue with C Xerces

2010-02-02 Thread Scott Cantor

Atul Parti wrote on 2010-02-02:
> Does Apache Xerces C++ 3.0.1 is backward compatible.
> Currently we are using Apache Xerces C++ 2.7.0 in our application.
> Does it requires our application to be updated to support new version.

Yes, possibly with substantial changes.

-- Scott



-
To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
For additional commands, e-mail: c-dev-h...@xerces.apache.org

Re: Xml Vulnerability issue with C Xerces

2010-02-02 Thread Atul Parti

Thanks for sharing the info.

Does Apache Xerces C++ 3.0.1 is backward compatible.
Currently we are using Apache Xerces C++ 2.7.0 in our application.
Does it requires our application to be updated to support new version.

With Regards
Atul Parti

On Mon, Feb 1, 2010 at 6:18 PM, Boris Kolpackov wrote:

> Atul Parti  writes:
>
> > is there any patch or maybe any latest version which has handle this
> > issue and can be used directly.
>
> If you refer to the CVE-2009-1885 vulnerability, then it has been
> fixed in the just-released Xerces-C++ 3.1.0.
>
> Boris
>
>
> --
> Boris Kolpackov, Code Synthesis
> http://codesynthesis.com/~boris/blog
> Open-source  XML
> data binding for C++   http://codesynthesis.com/products/xsd
> XML data binding for embedded systems
> http://codesynthesis.com/products/xsde
> Command line interface to C++ compiler
> http://codesynthesis.com/projects/cli
>
> -
> To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
> For additional commands, e-mail: c-dev-h...@xerces.apache.org
>
>

Re: Xml Vulnerability issue with C Xerces

2010-02-01 Thread Boris Kolpackov

Atul Parti  writes:

> is there any patch or maybe any latest version which has handle this 
> issue and can be used directly.

If you refer to the CVE-2009-1885 vulnerability, then it has been
fixed in the just-released Xerces-C++ 3.1.0.

Boris


-- 
Boris Kolpackov, Code Synthesishttp://codesynthesis.com/~boris/blog
Open-source XML data binding for C++   http://codesynthesis.com/products/xsd
XML data binding for embedded systems  http://codesynthesis.com/products/xsde
Command line interface to C++ compiler http://codesynthesis.com/projects/cli

-
To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
For additional commands, e-mail: c-dev-h...@xerces.apache.org

RE: Xml Vulnerability issue with C Xerces

Re: Xml Vulnerability issue with C Xerces

Re: Xml Vulnerability issue with C Xerces

3 matches

Site Navigation

Mail list logo

Footer information