Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-15827

Upgrade xerces from fork to Apache standard 2.12.1

    XMLWordPrintable

Details

    • Component Upgrade
    • Resolution: Won't Do
    • Major
    • None
    • 26.0.0.Beta1
    • REST, Web Services
    • None

    Description

      The current xerces implementation 2.12.0.SP03 is based on a fork of the original one. It does not accept XXE prevention parameters XXE Prevention Java

      After xerces is not in use for the whole server but default dependency for major APIs, it can be reverted to the latest Apache standard version 2.12.1 which does support hardening parameters.

      Attachments

        Activity

          People

            rsigal@redhat.com Ronald Sigal
            xf01213 Boris Unckel (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: