Apache Xerces-J 2.12.0 now available

May 7, 2018

Submitted by Apache Xerces.

parser apache xerces

The Apache Xerces project team is pleased to announce that version 2.12.0 of Apache Xerces-J is now available. Xerces-J 2.12.0 can be downloaded at: http://xerces.apache.org/mirrors.cgi.

This release expands on Xerces-J's experimental support for XML Schema 1.1 by providing a fully compliant XML Schema 1.1 implementation. It fixes several bugs which were present in Xerces-J 2.11.0 and also includes a few other minor enhancements. Specifically, the changes introduced in this release are:

Report all id/idref problems when validating XML against DTD or XML Schema. [Michael Glavassevich]
Implemented improvements to XML Schema 1.1 CTA implementation and inheritable attributes. [Mukul Gandhi, Hiranya Jayathilaka]
Implemented improved error/warning message reporting for various XML Schema use cases. [Mukul Gandhi]
Implemented few performance enhancements (affecting parsing/validation latency and memory footprint) to the implementation. [Michael Glavassevich]
Fixed minor bugs in Xerces-J's regex support in XML Schema <pattern> facet. [Michael Glavassevich, Khaled Noaman, Sandy Gao]
Implemented various fixes to XML Schema 1.1 assert/assertion implementation. [Mukul Gandhi]
Implemented minor and major fixes in certain areas, to XML Schema 1.0 and 1.1 implementations. [Michael Glavassevich, Khaled Noaman, Sandy Gao, Mukul Gandhi]
Fixed the issue related to, XIncludeTextReader doesn't handle null Content Types properly. [Michael Glavassevich]
Fixed minor problems in the DOM (Level 3 Core) implementation. [Michael Glavassevich]
Fixed few errors related to Xerces-J's build component. [Michael Glavassevich]
Solved a minor bug in SoftReferenceSymbolTable implementation component. [Michael Glavassevich]
Octavian and Radu, from Oxygen XML Editor team have contributed much by way of intimating numerous bugs and implementation ideas, for Xerces-J's XML Schema 1.0 and 1.1 implementations. [Octavian Nadolu, Radu Coravu]

The following security issues, raised by users, were fixed:

CVE-2012-0881 : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0881
CVE-2013-4002 : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4002
CVE-2018-2799 : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2799

A complete list of JIRA issues resolved in this release is available here: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10520&version=12336542

For more information please visit: http://xerces.apache.org/xerces2-j/