Hi David, On Mon, Apr 30, 2018 at 8:32 PM, David Dillard <david.dill...@veritas.com> wrote:
> I asked before about getting a CVE for the issue I raised that was fixed, > and about a security advisory. I don’t recall seeing a response. > Michael (our PMC chair) wrote to Apache security@ about this issue, a day or two ago. But there's been no response from Apache security@ yet. If there's a reply from Apache security@ later about this, we could declare these details (i.e security advisory you talked about) as a separate note. But for now, it would be good that we make a announcement to the lists about the Xerces 2.12.0 release. -- Regards, Mukul Gandhi
