[xml/sgml-pkgs] Bug#296432: more information on CAN-2004-1575
Jay Berkenbilt
Jay Berkenbilt <qjb@debian.org>, 296432@bugs.debian.org
Tue, 15 Mar 2005 21:16:15 -0500
clone 296432 -1
reassign -1 xerces24
retitle -1 [CAN-2004-1575] Xerces-C++ 2.4.0: Attribute blowup
thanks
I've gotten information from upstream on the nature of CAN-2004-1575,
the attribute blowup on xerces 2.5.0. As far as I can tell, this
problem impacts only Xerces 2.4.0 and 2.5.0. 2.3.0 and earlier are
not affected because they do not yet have the code that had the
problem. Specifically, there was some code added to avoid false
duplicate attribute reports under some conditions, and that code
didn't scale well with large numbers of attributes.
I have the code changes that actually fixed the problem, and should
have no trouble backporting these to 2.5.0 and 2.4.0. I'll get
upstream to verify the patches, and then I'll upload the fixes.
--
Jay Berkenbilt <qjb@debian.org>