You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by coheigea <gi...@git.apache.org> on 2018/11/22 15:56:13 UTC
[GitHub] zookeeper pull request #716: Enable secure processing and disallow DTDs in t...
GitHub user coheigea opened a pull request:
https://github.com/apache/zookeeper/pull/716
Enable secure processing and disallow DTDs in the SAXParserFactory
It's good security practice to set the secure processing feature on SAXParserFactory and to disallow Doctypes if they aren't needed.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/coheigea/zookeeper sax_secureproc
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/zookeeper/pull/716.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #716
----
commit c3086a962925dc8c3a6aa85e8a8f58ee5e0c4354
Author: Colm O hEigeartaigh <co...@...>
Date: 2018-11-22T15:51:10Z
Enable secure processing and disallow DTDs in the SAXParserFactory
----
---
[GitHub] zookeeper issue #716: Enable secure processing and disallow DTDs in the SAXP...
Posted by coheigea <gi...@git.apache.org>.
Github user coheigea commented on the issue:
https://github.com/apache/zookeeper/pull/716
Please also backport to 3.5.x, 3.4.x.
---