commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nick Lothian" <>
Subject [feedparser] Security patch
Date Wed, 11 Oct 2006 05:50:57 GMT

I'm a developer on the ROME RSS/Atom parser project
( We were recently notified of a possible
security issue in our code
(, which we've

I'm aware that FeedParser is a dormant project, but the attached patch
will fix the same problem in the Apache-Commons project version.

I've also attached updated suitable for using with
Kevin's TailRank version ( (Hi Kevin!) is needed for both versions.

There is also an example RSS file which triggers the bug. (You'll need
some kind of monitoring tool to check for connections to
on port 80).

Hopefully someone will find these useful.

  Nick Lothian

View raw message