You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@xalan.apache.org by mu...@apache.org on 2022/12/05 14:20:19 UTC

[xalan-java] branch xalan-j_2_7_1_maint updated: minor improvements, to XalanJ 2.7.3 release notes

This is an automated email from the ASF dual-hosted git repository.

mukulg pushed a commit to branch xalan-j_2_7_1_maint
in repository https://gitbox.apache.org/repos/asf/xalan-java.git


The following commit(s) were added to refs/heads/xalan-j_2_7_1_maint by this push:
     new 1592733d minor improvements, to XalanJ 2.7.3 release notes
1592733d is described below

commit 1592733d8f57c0d50a76789adbb5abca8b013fe9
Author: Mukul Gandhi <ga...@gmail.com>
AuthorDate: Mon Dec 5 19:50:02 2022 +0530

    minor improvements, to XalanJ 2.7.3 release notes
---
 xdocs/sources/xalan/readme.xml | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/xdocs/sources/xalan/readme.xml b/xdocs/sources/xalan/readme.xml
index 6560ebf7..1c902719 100644
--- a/xdocs/sources/xalan/readme.xml
+++ b/xdocs/sources/xalan/readme.xml
@@ -38,12 +38,15 @@
   <anchor name="notes_latest"/>
   <s2 title="Release notes for &xslt4j; 2.7.3">
     <p>
-      &xslt4j; 2.7.3 was released in October 2022.
+      &xslt4j; 2.7.3 was released in December 2022.
     </p>    
-    <s3 title="Fix for CVE-2022-34169 An integer truncation issue when processing malicious XSLT stylesheets">  
+    <s3 title="Fix for CVE-2022-34169 An integer truncation issue when processing malicious XSLT stylesheets">
+       This issue was fixed within XalanJ's XSLTC processor. This XalanJ issue, when present causes following problems:
+       Malicious XSLT stylesheets may be written, which could result in invalid XalanJ translet Java byte code produced 
+       by XalanJ XSLTC processor. [Gary Gregory] was instrumental to help, fix this issue.
     </s3>    
-    <s3 title="Upgrade to Commons BCEL 6.6.0">
-       The distributions contain upgraded version of Commons BCEL.
+    <s3 title="Upgrade to Commons BCEL 6.7.0">
+       The distributions contain upgraded version of Commons BCEL [Gary Gregory].
     </s3>
     <s3 title="Upgrade to Xerces-J 2.12.2">
        The distributions contain upgraded versions of <code>xercesImpl.jar</code>


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@xalan.apache.org
For additional commands, e-mail: commits-help@xalan.apache.org