You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2014/03/17 23:28:06 UTC

svn commit: r1578636 - /tomcat/trunk/webapps/docs/changelog.xml

Author: markt
Date: Mon Mar 17 22:28:04 2014
New Revision: 1578636

URL: http://svn.apache.org/r1578636
Log:
Update changelog

Modified:
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1578636&r1=1578635&r2=1578636&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Mar 17 22:28:04 2014
@@ -132,6 +132,12 @@
         tests for this and similar scenarios and fix the additional issues those
         unit tests identified. Based on a patch by Larry Isaacs. (markt)
       </fix>
+      <fix>
+        Redefine the <code>globalXsltFile</code> initialisation parameter of the
+        DefaultServlet as relative to CATALINA_BASE/conf or CATALINA_HOME/conf.
+        Prevent user supplied XSLTs used by the DefaultServlet from defining
+        external entities. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org