You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@xalan.apache.org by mu...@apache.org on 2022/12/05 14:20:19 UTC
[xalan-java] branch xalan-j_2_7_1_maint updated: minor improvements, to XalanJ 2.7.3 release notes
This is an automated email from the ASF dual-hosted git repository.
mukulg pushed a commit to branch xalan-j_2_7_1_maint
in repository https://gitbox.apache.org/repos/asf/xalan-java.git
The following commit(s) were added to refs/heads/xalan-j_2_7_1_maint by this push:
new 1592733d minor improvements, to XalanJ 2.7.3 release notes
1592733d is described below
commit 1592733d8f57c0d50a76789adbb5abca8b013fe9
Author: Mukul Gandhi <ga...@gmail.com>
AuthorDate: Mon Dec 5 19:50:02 2022 +0530
minor improvements, to XalanJ 2.7.3 release notes
---
xdocs/sources/xalan/readme.xml | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/xdocs/sources/xalan/readme.xml b/xdocs/sources/xalan/readme.xml
index 6560ebf7..1c902719 100644
--- a/xdocs/sources/xalan/readme.xml
+++ b/xdocs/sources/xalan/readme.xml
@@ -38,12 +38,15 @@
<anchor name="notes_latest"/>
<s2 title="Release notes for &xslt4j; 2.7.3">
<p>
- &xslt4j; 2.7.3 was released in October 2022.
+ &xslt4j; 2.7.3 was released in December 2022.
</p>
- <s3 title="Fix for CVE-2022-34169 An integer truncation issue when processing malicious XSLT stylesheets">
+ <s3 title="Fix for CVE-2022-34169 An integer truncation issue when processing malicious XSLT stylesheets">
+ This issue was fixed within XalanJ's XSLTC processor. This XalanJ issue, when present causes following problems:
+ Malicious XSLT stylesheets may be written, which could result in invalid XalanJ translet Java byte code produced
+ by XalanJ XSLTC processor. [Gary Gregory] was instrumental to help, fix this issue.
</s3>
- <s3 title="Upgrade to Commons BCEL 6.6.0">
- The distributions contain upgraded version of Commons BCEL.
+ <s3 title="Upgrade to Commons BCEL 6.7.0">
+ The distributions contain upgraded version of Commons BCEL [Gary Gregory].
</s3>
<s3 title="Upgrade to Xerces-J 2.12.2">
The distributions contain upgraded versions of <code>xercesImpl.jar</code>
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@xalan.apache.org
For additional commands, e-mail: commits-help@xalan.apache.org