blob: 2a02d8f0131bcc34e6ccac28e3cffb8d3f6f5099 [file] [log] [blame]
Title: The Apache™ XML Graphics Project - Community
#The Apache™ XML Graphics Project - Security
## Published Vulnerabilities { #PublishedVulnerabilities}
The *Apache™ XML Graphics Project* has collected its Security related information for all of its sub-projects to this page.
### Apache™ Batik Project - Apache Batik Security { #BatikSecurity}
**Fixed in Batik 1.8, 1.7.1 and 1.6.1**
medium: XXE vulnerability CVE-2015-0250
Issue Public: 2012-07-25
Update Released: 2015-03-17 (Batik 1.8) and 2015-05-10 (Batik 1.7.1 and 1.6.1)
Affects: 1.7, 1.6 and earlier
### Apache™ FOP Project - Apache FOP Security { #FOPSecurity}
At the time of the most recent update, the [Apache FOP Project](http://xmlgraphics.apache.org/fop/) has no published vulnerabilities.
### Apache™ XML Graphics Commons Project - Apache XML Graphics Commons Security { #XMLGraphicsCommonsSecurity}
At the time of the most recent update, the [Apache XML Graphics Commons Project](http://xmlgraphics.apache.org/commons/) has no published vulnerabilities.
##Reporting New Security Problems with the Apache XML Graphics Sub Projects { #ReportingSecurityProblems}
Please report problems to the private security mailing list of the ASF Security Team, before disclosing them in a public forum. See the page of the [ASF Security Team](http://www.apache.org/security/) for further information and contact information.
**IMPORTANT**
* **The ASF Security Team cannot accept regular bug reports or other queries. We ask that you use our [bug reporting page](http://xmlgraphics.apache.org/commons/bugs.html) for those.**
* **All mail sent to the Security Team that does not relate to security problems in Apache software will be ignored.**
**VERY IMPORTANT**
* **Do not submit security reports regarding vulnerabilities to our bug reporting system. This may inadvertently publicize the security vulnerability. Instead follow the steps on the [ASF Security Page](http://www.apache.org/security/).**
##Security Standards { #SecurityStandards}
Apache XML Graphics Project vulnerabilities are labeled with [CVE](http://cve.mitre.org/) (Common Vulnerabilities and Exposures) identifiers.