The Apache Tomcat team announces the immediate availability of Apache Standard
Taglib 1.2.5.
Apache Standard Taglib is an open source software implementation of the JSP
Standard Tag Library (JSTL) technology.
This release supports JSTL version 1.2 and includes minor bug-fixes to the
previous 1
CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags
Severity: Important
Vendor:
The Apache Software Foundation
Versions Affected:
Standard Taglibs 1.2.1
The unsupported 1.0.x and 1.1.x versions may also be affected.
Description:
When an application uses or tags to process untrusted
The Apache Tomcat team announces the immediate availability of Apache Standard
Taglib 1.2.3.
Apache Standard Taglib is an open source software implementation of the JSP
Standard Tag Library (JSTL) technology.
This release supports JSTL version 1.2 and includes bug-fixes and improvements
on the
I ran into an issue with PermittedTaglibsTLV not rejecting tags in JSP
Documents (aka .jspx files). See:
https://issues.apache.org/bugzilla/show_bug.cgi?id=57290
In trying to fix that I’ve run into a problem determining if a namespace
declaration in the XML view of the page corresponds to a ta
The Apache Tomcat team announces the immediate availability of Apache Standard
Taglib 1.2.1.
Apache Standard Taglib is an open source software implementation of the JSP
Standard Tag Library (JSTL) technology.
This release supports JSTL version 1.2 along with numerous bug-fixes and
improvements
On Sep 24, 2013, at 3:20 PM, Mark Thomas wrote:
> On behalf of the Tomcat committers I am pleased to announce that
> Konstantin Preißer has been voted in as a new Tomcat committer.
>
> In addition to a number of high quality bug reports and patches,
> Konstantin is also responsible for the makeo
