[teiid-issues] [JBoss JIRA] (TEIID-2927) Guard against external entity resolving in OData Atom Feed
Steven Hawkins (JIRA)
issues at jboss.org
Tue Apr 22 13:14:33 EDT 2014
[ https://issues.jboss.org/browse/TEIID-2927?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steven Hawkins updated TEIID-2927:
----------------------------------
Assignee: Van Halbert
Assigning to Van to work with productization on an OData4j patch.
> Guard against external entity resolving in OData Atom Feed
> ----------------------------------------------------------
>
> Key: TEIID-2927
> URL: https://issues.jboss.org/browse/TEIID-2927
> Project: Teiid
> Issue Type: Bug
> Components: OData, Query Engine
> Affects Versions: 7.7, 8.4
> Reporter: Van Halbert
> Assignee: Van Halbert
> Priority: Critical
> Fix For: 8.7.1
>
>
> OData4j is responsible for parsing the Atom feed. StaxXMLFactoryProvider2 simply creates XMLInputFactories without any options, thus they will perform external entity resolving by default. An issue will need to be opened against OData4j.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the teiid-issues
mailing list