Projects
openEuler:Mainline
batik
_service:tar_scm:CVE-2020-11987.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:CVE-2020-11987.patch of Package batik
From 0ef5b661a1f77772d1110877ea9e0287987098f6 Mon Sep 17 00:00:00 2001 From: Simon Steiner <ssteiner@apache.org> Date: Tue, 2 Jun 2020 13:59:37 +0000 Subject: [PATCH] BATIK-1284: Dont load DTDs in NodePickerPanel git-svn-id: https://svn.apache.org/repos/asf/xmlgraphics/batik/trunk@1878396 13f79535-47bb-0310-9956-ffa450edef68 --- .../org/apache/batik/apps/svgbrowser/NodePickerPanel.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/batik-svgbrowser/src/main/java/org/apache/batik/apps/svgbrowser/NodePickerPanel.java b/batik-svgbrowser/src/main/java/org/apache/batik/apps/svgbrowser/NodePickerPanel.java index 2a93e95a43..a5ad8e8b11 100644 --- a/batik-svgbrowser/src/main/java/org/apache/batik/apps/svgbrowser/NodePickerPanel.java +++ b/batik-svgbrowser/src/main/java/org/apache/batik/apps/svgbrowser/NodePickerPanel.java @@ -847,8 +847,10 @@ private Element parseXml(String xmlString) { Document doc = null; DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); try { - javax.xml.parsers.DocumentBuilder parser = factory - .newDocumentBuilder(); + factory.setFeature("http://xml.org/sax/features/external-general-entities", false); + factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + javax.xml.parsers.DocumentBuilder parser = factory.newDocumentBuilder(); parser.setErrorHandler(new ErrorHandler() { public void error(SAXParseException exception) throws SAXException {
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2