refs/heads/R4_20_maintenance - platform/eclipse.platform.debug

commit	4d9794b2909402ac8e10312a476bb415976a5d43	[log] [tgz]
author	Sarika Sinha <sarika.sinha@in.ibm.com>	Mon Nov 22 18:34:49 2021 +0530
committer	Sarika Sinha <sarika.sinha@in.ibm.com>	Fri Dec 24 07:51:48 2021 -0500
tree	0f5e310a145fd70e38ff7afcc2f55a56d621beed
parent	34728d198e0422fb0bb1ff1e4f531483a10fce46 [diff]

Bug 577894 - Security Issue -- XXE Attack

Applications using XMLMemento are vulnerable to XXE Attack

see https://docs.oracle.com/en/java/javase/17/security/java-api-xml-processing-jaxp-security-guide.html

Change-Id: I3f413123158ce2ff76ff250f84fe338520d0882e
Reviewed-on: https://git.eclipse.org/r/c/platform/eclipse.platform.debug/+/187978
Reviewed-by: Kalyan Prasad Tatavarthi <kalyan_prasad@in.ibm.com>
Tested-by: Platform Bot <platform-bot@eclipse.org>
(cherry picked from commit e81a54a076c159432d2e8b1c661d94a805516849)
Reviewed-on: https://git.eclipse.org/r/c/platform/eclipse.platform.debug/+/188344
Tested-by: Sarika Sinha <sarika.sinha@in.ibm.com>
Reviewed-by: Sarika Sinha <sarika.sinha@in.ibm.com>

org.eclipse.debug.core/core/org/eclipse/debug/internal/core/XMLMemento.java[diff]

1 file changed

tree: 0f5e310a145fd70e38ff7afcc2f55a56d621beed