Hi Scott, I checked Xerces 3.1.4 sources( src/xercesc/validators/DTD/DTDScanner.cpp)
The fix is missing in them. const XMLCh nextCh = fReaderMgr->peekNextChar(); calls without try catch . Does the fix will be in Xerces 3.1.5? Regards, Vladimir. -----Original Message----- From: Cantor, Scott [mailto:[email protected]] Sent: October-21-16 12:52 PM To: [email protected] Subject: RE: XERCESC-2066 (Exception handling mistake in DTDScanner) > > Does somebody know when it will be fixed in official patch? > > Months ago? > > https://urldefense.proofpoint.com/v2/url?u=http-3A__svn.apache.org_viewvc-3Fview-3Drevision-26revision-3D1747619&d=DQIFAg&c=ZgVRmm3mf2P1-XDAyDsu4A&r=Go-zk3wwFXw3zk6IKI5viJn9Qf3N2dP8AA11tevsqfk&m=Z1iJtUb3kO64ypZrVXuv_5eWJsIAENmMp9gowKA4Kco&s=2RYr1B-G8DJYMTi7wK98HImnweDSBSo-ixJ5NOgrhp0&e= > Meant to link to advisory. https://urldefense.proofpoint.com/v2/url?u=http-3A__xerces.apache.org_xerces-2Dc_secadv_CVE-2D2016-2D4463.txt&d=DQIFAg&c=ZgVRmm3mf2P1-XDAyDsu4A&r=Go-zk3wwFXw3zk6IKI5viJn9Qf3N2dP8AA11tevsqfk&m=Z1iJtUb3kO64ypZrVXuv_5eWJsIAENmMp9gowKA4Kco&s=a_7XsYlyztGFIc2FHL-UqwUj0ZePqrh2W9MyMb3kotk&e= > -- Scott --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
