Package: xerces21
Severity: normal

Good day,

From [CAN-2004-1575]:

| The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a
| denial of service (CPU consumption) via XML attributes in a crafted
| XML document.

This problem has been fixed in version 2.6 of Xerces.

I have reported this problem to Jay Berkenbilt, the maintainer of
xerces25, xerces24 and xerces23 (see bug #296432).

It's not clear to me if xerces21 is also vulnerable, but I think it
could be.


Could you mention the CAN number in changelog entries about this problem?

Regards.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: powerpc (ppc)
Kernel: Linux 2.6.9-rfb-swsusp
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

