Author: markt Revision: 1558828 Modified property: svn:log Modified: svn:log at Tue Feb 25 11:25:45 2014 ------------------------------------------------------------------------------ --- svn:log (original) +++ svn:log Tue Feb 25 11:25:45 2014 @@ -1 +1,2 @@ Add an option to the Context to control the blocking of XML external entities when parsing XML configuration files and enable this blocking by default when a security manager is used. The block is implemented via a custom resolver to enable the logging of any blocked entities. +This is the fix for CVE-2013-4590.
--------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
