Build: #179 was successful Changes by Florian Schmaus <flo@geekplace.eu>

Build result summary

Details

Completed
Duration
10 minutes
Labels
None
Agent
Default Agent
Revision
28dd56a13acd8c04f806b640ba2eb294c511bd82 28dd56a13acd8c04f806b640ba2eb294c511bd82
Total tests
794
Successful since
#174 ()

Tests

Code commits

Author Commit Message Commit date
Florian Schmaus <flo@geekplace.eu> Florian Schmaus <flo@geekplace.eu> 28dd56a13acd8c04f806b640ba2eb294c511bd82 28dd56a13acd8c04f806b640ba2eb294c511bd82 Merge pull request #438 from Flowdalic/stax-disable-xxe-and-dtd
[xmlparser-stax] Disable external entities and DTD
Florian Schmaus <flo@geekplace.eu> Florian Schmaus <flo@geekplace.eu> c1b412c4579f4c9b1a12a49bc0d07d1d8ad7adea c1b412c4579f4c9b1a12a49bc0d07d1d8ad7adea [xmlparser-stax] Disable external entities and DTD
Before that, the StAX parser used by Smack for XML parsing had
only external entity replacement disabled. We further harden the
parser by disabling DTDs.

See also:
https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#xmlinputfactory-a-stax-parser

Shared artifacts

Artifact File size
Project binary files 22 MB