"Cantor, Scott" <[email protected]> wrote on 03/04/2015 01:16:30 PM:
> From: "Cantor, Scott" <[email protected]> > To: "[email protected]" <[email protected]>, > Date: 03/04/2015 01:19 PM > Subject: Re: Hello and XXE > > On 3/4/15, 6:10 PM, "Michael Glavassevich" <[email protected]> wrote: > > > > > >The defect you're referring to had nothing to do with DTDs or entities. > > Which I acknowledged. You still have an unreleased security fix that is > *not* a function of "applications configuring the parser correctly". And I was pointing out that it's irrelevant to Jim's concern. If you're interested in seeing a release which rolls up this and other fixes from the trunk, that's another discussion. The long period of time between Xerces releases boils down to a lack of time from developers and low interest from the community to motivate a new release. > -- Scott Michael Glavassevich XML Technologies and WAS Development IBM Toronto Lab E-mail: [email protected] E-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
