STATUS.txt

markt Mon, 17 Mar 2014 16:19:23 -0700

Author: markt
Date: Mon Mar 17 23:18:07 2014
New Revision: 1578658

URL: http://svn.apache.org/r1578658
Log:
Proposal


Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1578658&r1=1578657&r2=1578658&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Mar 17 23:18:07 2014
@@ -74,6 +74,14 @@ PATCHES PROPOSED TO BACKPORT:
     1. r1578329 does not belong to svn:mergeinfo, that is an unrelated commit
     2. changelog.xml part of the patch does not merge, because of later changes
 
+* Redefine the <code>globalXsltFile</code> initialisation parameter of the
+  DefaultServlet as relative to CATALINA_BASE/conf or CATALINA_HOME/conf.
+  Prevent user supplied XSLTs used by the DefaultServlet from defining external
+  entities.
+  
http://people.apache.org/~markt/patches/2014-03-17-globalXsltFile-tc6-v1.patch
+  +1: markt
+  -1:
+
 
 PATCHES/ISSUES THAT ARE STALLED:
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1578658 - /tomcat/tc6.0.x/trunk/STATUS.txt

Reply via email to