[Mono-bugs] [Bug 60334][Cri] New - Possible document exploit via RelaxngGrammar compiler

bugzilla-daemon@bugzilla.ximian.com bugzilla-daemon@bugzilla.ximian.com
Thu, 17 Jun 2004 03:51:16 -0400 (EDT)

Previous message: [Mono-bugs] [Bug 60333][Nor] New - mcs reports error CS0182 when casting a constant value in attribute
Next message: [Mono-bugs] [Bug 60334][Cri] Changed - Possible document exploit via RelaxngGrammar compiler
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by atsushi@ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=60334

--- shadow/60334	2004-06-17 03:51:16.000000000 -0400
+++ shadow/60334.tmp.13920	2004-06-17 03:51:16.000000000 -0400
@@ -0,0 +1,21 @@
+Bug#: 60334
+Product: Mono: Class Libraries
+Version: unspecified
+OS: 
+OS Details: 
+Status: NEW   
+Resolution: 
+Severity: 
+Priority: Critical
+Component: Sys.XML
+AssignedTo: mono-bugs@ximian.com                            
+ReportedBy: atsushi@ximian.com               
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL: 
+Cc: 
+Summary: Possible document exploit via RelaxngGrammar compiler
+
+RelaxngValidatingReader should have XmlResolver, like all other Xml classes
+such as XmlSchema, Otherwise some grammar components such as "include" and
+"externalRef" might allow to read resources.

Previous message: [Mono-bugs] [Bug 60333][Nor] New - mcs reports error CS0182 when casting a constant value in attribute
Next message: [Mono-bugs] [Bug 60334][Cri] Changed - Possible document exploit via RelaxngGrammar compiler
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]