You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zookeeper.apache.org by coheigea <gi...@git.apache.org> on 2018/11/22 15:56:13 UTC

[GitHub] zookeeper pull request #716: Enable secure processing and disallow DTDs in t...

GitHub user coheigea opened a pull request:

    https://github.com/apache/zookeeper/pull/716

    Enable secure processing and disallow DTDs in the SAXParserFactory

    It's good security practice to set the secure processing feature on SAXParserFactory and to disallow Doctypes if they aren't needed.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/coheigea/zookeeper sax_secureproc

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/zookeeper/pull/716.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #716
    
----
commit c3086a962925dc8c3a6aa85e8a8f58ee5e0c4354
Author: Colm O hEigeartaigh <co...@...>
Date:   2018-11-22T15:51:10Z

    Enable secure processing and disallow DTDs in the SAXParserFactory

----


---

[GitHub] zookeeper issue #716: Enable secure processing and disallow DTDs in the SAXP...

Posted by coheigea <gi...@git.apache.org>.

Github user coheigea commented on the issue:

    https://github.com/apache/zookeeper/pull/716
  
    Please also backport to 3.5.x, 3.4.x.


---