You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fop-users@xmlgraphics.apache.org by Lars Teuber <te...@aspera.com> on 2015/11/09 16:19:51 UTC
Update of fop
Hi,
There is a security issue in Xalan < 2.7.2, see:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0107
Are there plans to update fop to the new version or is it possible /
recommended to just update the jar file?
Best regards
Lars
---------------------------------------------------------------------
To unsubscribe, e-mail: fop-users-unsubscribe@xmlgraphics.apache.org
For additional commands, e-mail: fop-users-help@xmlgraphics.apache.org
Re: Update of fop
Posted by Chris Bowditch <bo...@hotmail.com>.
Hi Lars,
Please log a JIRA to update the Xalan version shipped with FOP. Its not
a difficult change, but let's add it to the list so its not forgotten.
In the meantime, changing the JAR file manually in the lib folder is a
simple enough workaround
Thanks,
Chris
On 09/11/2015 15:19, Lars Teuber wrote:
> Hi,
>
> There is a security issue in Xalan < 2.7.2, see:
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0107
>
> Are there plans to update fop to the new version or is it possible /
> recommended to just update the jar file?
>
> Best regards
> Lars
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: fop-users-unsubscribe@xmlgraphics.apache.org
> For additional commands, e-mail: fop-users-help@xmlgraphics.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: fop-users-unsubscribe@xmlgraphics.apache.org
For additional commands, e-mail: fop-users-help@xmlgraphics.apache.org