Re: Xerces and security vulnerabilities

Peter Major Wed, 04 Nov 2015 23:25:40 -0800

How about these then?
https://bugzilla.redhat.com/show_bug.cgi?id=1273638
https://bugzilla.redhat.com/show_bug.cgi?id=1273645
https://bugzilla.redhat.com/show_bug.cgi?id=1273637


2015. 11. 04. 16:38 keltezéssel, Michael Glavassevich írta:

As they did not disclose any details in these reports, only Oracle would
know.

Thanks.

Michael Glavassevich
XML Technologies and WAS Development
IBM Toronto Lab
E-mail: mrgla...@ca.ibm.com
E-mail: mrgla...@apache.org

Peter Major <peter.ma...@forgerock.com> wrote on 11/04/2015 03:36:26 AM:

Hi,

it appears that Oracle has fixed some XML parsing related security
vulnerabilities:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911

Is it possible that these also affect Xerces 2.11.0?

Regards,
Peter


---------------------------------------------------------------------
To unsubscribe, e-mail: j-users-unsubscr...@xerces.apache.org
For additional commands, e-mail: j-users-h...@xerces.apache.org

Re: Xerces and security vulnerabilities

Reply via email to