Monday, 10 March 2008

EditiX 2008 SP 1

EditiX is a cross-platform and multi-purpose XML editor and XSLT debugger (1.0 and 2.0), which helps Web authors and programmers use XML and XML-related technologies, such as XSLT, FO, and XSD schemas. It provides a lot of functionality within a refined IDE, which guides the user with intelligent entry helpers, and has real-time XPath location and syntax error detection. It allows the user to apply an XSLT or FO transformation, and shows the result in a separate view. It includes default templates for XML, DTD, XHTML, XSLT, XSD, XML RelaxNG, SVG, MathML, and XML FO. It can generate schema W3C, DTD or RelaxNG from a document instance.

. . . full article

Sun releases patch to address a number of serious vulnerabilities

A security vulnerability in the Java Runtime Environment (JRE) with the processing of XSLT transformations may allow an untrusted applet or application that is downloaded from a website to elevate its privileges. For example, an applet may read certain unauthorized URL resources (such as some files and web pages) or potentially execute arbitrary code. This vulnerability may also be exploited to create a Denial-of-Service (DoS) condition by causing the JRE to crash. (CVE-2008-1187)

. . . full article