Fixes #201 - update xerces and xalan to versions without CVEs

build.xml

@@ -102,13 +102,13 @@ For instructions on how to build JDOM, please view the README.txt file.
 	<filter token="jdk" value="${compile.target}" />
 
 	<!-- Default JAR libraries -->
-	<property name="parser.jar"        value="${lib.dir}/xercesImpl.jar" />
+	<property name="parser.jar"        value="${lib.dir}/xercesImpl-2.12.2.jar" />
 	<property name="xmlapi.jar"        value="${lib.dir}/xml-apis.jar" />
 	<property name="jaxen.jar"         value="${lib.dir}/jaxen-1.2.0.jar" />
 	<property name="junit.jar"         value="${lib.dir}/junit-4.8.2.jar" />
 	<property name="isorelax.jar"      value="${contrib}/lib/isorelax.jar" />
-	<property name="xalan.jar"         value="${lib.dir}/xalan/xalan-2.7.2.jar" />
-	<property name="xalanser.jar"      value="${lib.dir}/xalan/serializer-2.7.2.jar" />
+	<property name="xalan.jar"         value="${lib.dir}/xalan/xalan-2.7.3.jar" />
+	<property name="xalanser.jar"      value="${lib.dir}/xalan/serializer-2.7.3.jar" />
 
 	<!-- Compilation class path -->
 	<path id="base.class.path">

lib/xalan/xalan-2.7.2.NOTICE → lib/xalan/xalan-2.7.3.NOTICE

@@ -1,80 +1,85 @@
-   =========================================================================
-   ==  NOTICE file corresponding to section 4(d) of the Apache License,   ==
-   ==  Version 2.0, in this case for the Apache Xalan Java distribution.  ==
-   =========================================================================
-
-   Apache Xalan (Xalan XSLT processor)
-   Copyright 1999-2014 The Apache Software Foundation
-
-   Apache Xalan (Xalan serializer)
-   Copyright 1999-2012 The Apache Software Foundation
-
-   This product includes software developed at
-   The Apache Software Foundation (http://www.apache.org/).
-
-   =========================================================================
-   Portions of this software was originally based on the following:
-     - software copyright (c) 1999-2002, Lotus Development Corporation.,
-       http://www.lotus.com.
-     - software copyright (c) 2001-2002, Sun Microsystems.,
-       http://www.sun.com.
-     - software copyright (c) 2003, IBM Corporation., 
-       http://www.ibm.com.
-
-   =========================================================================
-   The binary distribution package (ie. jars, samples and documentation) of
-   this product includes software developed by the following:
-
-     - The Apache Software Foundation 
-         - Xerces Java - see LICENSE.txt 
-         - JAXP 1.3 APIs - see LICENSE.txt
-         - Bytecode Engineering Library - see LICENSE.txt
-         - Regular Expression - see LICENSE.txt
-
-     - Scott Hudson, Frank Flannery, C. Scott Ananian 
-         - CUP Parser Generator runtime (javacup\runtime) - see LICENSE.txt 
-
-   ========================================================================= 
-   The source distribution package (ie. all source and tools required to build
-   Xalan Java) of this product includes software developed by the following:
-
-     - The Apache Software Foundation
-         - Xerces Java - see LICENSE.txt 
-         - JAXP 1.3 APIs - see LICENSE.txt
-         - Bytecode Engineering Library - see LICENSE.txt
-         - Regular Expression - see LICENSE.txt
-         - Ant - see LICENSE.txt
-         - Stylebook doc tool - see LICENSE.txt    
-
-     - Elliot Joel Berk and C. Scott Ananian 
-         - Lexical Analyzer Generator (JLex) - see LICENSE.txt
-
-   =========================================================================       
-   Apache Xerces Java
-   Copyright 1999-2006 The Apache Software Foundation
-
-   This product includes software developed at
-   The Apache Software Foundation (http://www.apache.org/).
-
-   Portions of Apache Xerces Java in xercesImpl.jar and xml-apis.jar
-   were originally based on the following:
-     - software copyright (c) 1999, IBM Corporation., http://www.ibm.com.
-     - software copyright (c) 1999, Sun Microsystems., http://www.sun.com.
-     - voluntary contributions made by Paul Eng on behalf of the 
-       Apache Software Foundation that were originally developed at iClick, Inc.,
-       software copyright (c) 1999.    
-
-   =========================================================================   
-   Apache xml-commons xml-apis (redistribution of xml-apis.jar)
-
-   Apache XML Commons
-   Copyright 2001-2003,2006 The Apache Software Foundation.
-
-   This product includes software developed at
-   The Apache Software Foundation (http://www.apache.org/).
-
-   Portions of this software were originally based on the following:
-     - software copyright (c) 1999, IBM Corporation., http://www.ibm.com.
-     - software copyright (c) 1999, Sun Microsystems., http://www.sun.com.
-     - software copyright (c) 2000 World Wide Web Consortium, http://www.w3.org
-
+   =========================================================================
+   ==  NOTICE file corresponding to section 4(d) of the Apache License,   ==
+   ==  Version 2.0, in this case for the Apache Xalan Java distribution.  ==
+   =========================================================================
+
+   Apache Xalan (Xalan XSLT processor)
+   Copyright 1999-2023 The Apache Software Foundation
+
+   Apache Xalan (Xalan serializer)
+   Copyright 1999-2012 The Apache Software Foundation
+
+   This product includes software developed at
+   The Apache Software Foundation (http://www.apache.org/).
+
+   =========================================================================
+   Portions of this software was originally based on the following:
+     - software copyright (c) 1999-2002, Lotus Development Corporation.,
+       http://www.lotus.com.
+     - software copyright (c) 2001-2002, Sun Microsystems.,
+       http://www.sun.com.
+     - software copyright (c) 2003, IBM Corporation., 
+       http://www.ibm.com.
+
+   =========================================================================
+   The binary distribution package (ie. jars, samples and documentation) of
+   this product includes software developed by the following:
+
+     - The Apache Software Foundation 
+         - Xerces Java - see LICENSE.txt 
+         - JAXP 1.3 APIs - see LICENSE.txt
+         - Bytecode Engineering Library - see LICENSE.txt
+         - Regular Expression - see LICENSE.txt
+
+     - Scott Hudson, Frank Flannery, C. Scott Ananian 
+         - CUP Parser Generator runtime (javacup\runtime) - see LICENSE.txt 
+
+   ========================================================================= 
+   The source distribution package (ie. all source and tools required to build
+   Xalan Java) of this product includes software developed by the following:
+
+     - The Apache Software Foundation
+         - Xerces Java - see LICENSE.txt 
+         - JAXP 1.3 APIs - see LICENSE.txt
+         - Bytecode Engineering Library - see LICENSE.txt
+         - Regular Expression - see LICENSE.txt
+         - Ant - see LICENSE.txt
+         - Stylebook doc tool - see LICENSE.txt
+         - Beans Scripting Framework (BSF) - see LICENSE.txt
+         - Commons Logging - see LICENSE.txt    
+
+     - Elliot Joel Berk and C. Scott Ananian 
+         - Lexical Analyzer Generator (JLex) - see LICENSE.txt
+
+     - Mozilla Foundation 
+         - Rhino: JavaScript implementation in Java - see LICENSE.txt         
+
+   =========================================================================       
+   Apache Xerces Java
+   Copyright 1999-2022 The Apache Software Foundation
+
+   This product includes software developed at
+   The Apache Software Foundation (http://www.apache.org/).
+
+   Portions of Apache Xerces Java in xercesImpl.jar and xml-apis.jar
+   were originally based on the following:
+     - software copyright (c) 1999, IBM Corporation., http://www.ibm.com.
+     - software copyright (c) 1999, Sun Microsystems., http://www.sun.com.
+     - voluntary contributions made by Paul Eng on behalf of the 
+       Apache Software Foundation that were originally developed at iClick, Inc.,
+       software copyright (c) 1999.    
+
+   =========================================================================   
+   Apache xml-commons xml-apis (redistribution of xml-apis.jar)
+
+   Apache XML Commons
+   Copyright 2001-2003,2006 The Apache Software Foundation.
+
+   This product includes software developed at
+   The Apache Software Foundation (http://www.apache.org/).
+
+   Portions of this software were originally based on the following:
+     - software copyright (c) 1999, IBM Corporation., http://www.ibm.com.
+     - software copyright (c) 1999, Sun Microsystems., http://www.sun.com.
+     - software copyright (c) 2000 World Wide Web Consortium, http://www.w3.org
+