Sisyphus repository
Last update: 1 october 2023 | SRPMs: 18631 | Visits: 37570515
en ru br
ALT Linux repos
S:3.1.3-alt7_27jpp11
5.0: 3.1-alt1_1jpp5
4.0: 2.0.1-alt1_3jpp1.7

Group :: Development/Java
RPM: xmlrpc

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR  Repocop 

Patch: 0004-disallow-loading-external-dtd.patch
Download

From 2c16d38ab18039327b2575f61c3035683f16cd7d Mon Sep 17 00:00:00 2001
From: Mat Booth <mat.booth@redhat.com>
Date: Tue, 31 Mar 2020 17:02:12 +0100
Subject: [PATCH 4/6] disallow loading external dtd
---
 .../src/main/java/org/apache/xmlrpc/util/SAXParsers.java   | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/common/src/main/java/org/apache/xmlrpc/util/SAXParsers.java b/common/src/main/java/org/apache/xmlrpc/util/SAXParsers.java
index b1034e7..49ef5de 100644
--- a/common/src/main/java/org/apache/xmlrpc/util/SAXParsers.java
+++ b/common/src/main/java/org/apache/xmlrpc/util/SAXParsers.java
@@ -48,6 +48,13 @@ public class SAXParsers {
         } catch (org.xml.sax.SAXException e) {
             // Ignore it
 		}
+        try {
+            spf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
+        } catch (javax.xml.parsers.ParserConfigurationException e) {
+            // Ignore it
+        } catch (org.xml.sax.SAXException e) {
+            // Ignore it
+        }
 	}
 
 	/** Creates a new instance of {@link XMLReader}.
-- 
2.26.0.rc2








 






	design & coding: Vladimir Lettiev aka crux © 2004-2005,
	Andrew Avramenko aka liks © 2007-2008

	current maintainer: Michael Shigorin