commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevin Burton" <>
Subject Re: [feedparser] Security patch
Date Wed, 11 Oct 2006 05:55:32 GMT
On 10/10/06, Nick Lothian <> wrote:
> Hi,
> I'm a developer on the ROME RSS/Atom parser project
> ( We were recently notified of a possible
> security issue in our code
> (, which we've
> fixed.
> I'm aware that FeedParser is a dormant project, but the attached patch
> will fix the same problem in the Apache-Commons project version.

FeedParser def isn't dormant....

I just haven't officially announced that I'm moving it out of Apache.  Just
been to busy with official work to be a good maintainer :-/

I've also attached updated suitable for using with
> Kevin's TailRank version ( (Hi Kevin!)

Sweet. is needed for both versions.
> There is also an example RSS file which triggers the bug. (You'll need
> some kind of monitoring tool to check for connections to
> on port 80).
> Hopefully someone will find these useful.

Interesting...... I'll take a look.



Location: San Francisco, CA
AIM/YIM: sfburtonator
Skype: burtonator
Cell: 415-637-8078

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message