You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@wink.apache.org by "Hudson (JIRA)" <ji...@apache.org> on 2010/07/06 19:29:49 UTC
[jira] Commented: (WINK-298) enhance DTD expansion tests
[ https://issues.apache.org/jira/browse/WINK-298?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12885612#action_12885612 ]
Hudson commented on WINK-298:
-----------------------------
Integrated in Wink-Trunk-JDK1.5 #361 (See [http://hudson.zones.apache.org/hudson/job/Wink-Trunk-JDK1.5/361/])
WINK-298: improve tests for xml security vulnerability
> enhance DTD expansion tests
> ---------------------------
>
> Key: WINK-298
> URL: https://issues.apache.org/jira/browse/WINK-298
> Project: Wink
> Issue Type: Test
> Components: Common, Server
> Affects Versions: 1.1.2
> Reporter: Mike Rheinheimer
> Assignee: Mike Rheinheimer
> Fix For: 1.1.2
>
> Attachments: WINK-298.patch
>
>
> The tests for the DTD expansion were intentionally incomplete so as not to confess a vulnerability prematurely. Now that the cat is out of the bag, we can add some more tests.
> See patch. I'll commit when 1.1.1 release process is done.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.