[Owasp-antisamy] News and notes

Arshan Dabirsiaghi arshan.dabirsiaghi at aspectsecurity.com
Mon Mar 8 01:32:20 EST 2010


A few notes for interested users:

 

1. Thanks to danrabe for giving the policy files a serious look-through.
He reported a number of low-impact bugs and typos that could have become
big-impact if the stars had aligned more.

 

2. I updated the POM to point to the more-legitimate batik-css groupId
(thanks to Luke for pointing this out)

 

3. I updated the POM to point to an updated version of NekoHTML
(1.9.12). Although 1.9.15 is out, it and its previous versions up to and
including 1.9.13 have introduced regression errors in our test cases -
so if you're using one of those later versions in your own POM, well,
beware.

 

4. It looks like a SAX patch won't be included in the coming 1.4 release
(we are shooting for this weekend, but I don't blame you if you don't
believe me!), but we have fixed almost every issue and enhancement
reported on the issue tracker
(http://code.google.com/p/owaspantisamy/issues/list). I'm looking for a
few organized developers to help me tackle the SAX parser. This will be
an easy thing to get very wrong, and subtly, so forgive my reticence!

 

As always, if you have questions or concerns, feel free to bring them up
here, or on the issue tracker. Thanks for all the feedback!

 

Cheers,

Arshan

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-antisamy/attachments/20100308/fe66b867/attachment.html 


More information about the Owasp-antisamy mailing list