From 901292cf9d7d8225f8a3b96c7583e2bd8b41772d Mon Sep 17 00:00:00 2001
From: Mark Emlyn David Thomas
Date: Thu, 18 Oct 2007 11:44:53 +0000
Subject: [PATCH] Fix CVE-2007-5461.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk@585934 13f79535-47bb-0310-9956-ffa450edef68
---
 STATUS | 5 -----
 java/org/apache/catalina/servlets/WebdavServlet.java | 1 +
 webapps/docs/changelog.xml | 4 ++++
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/STATUS b/STATUS
index b666623b89c3..0b769eb7d687 100644
--- a/STATUS
+++ b/STATUS
@@ -42,11 +42,6 @@ PATCHES PROPOSED TO BACKPORT: +1: fhanik,funkman -1: -* Fix important vulnerability when webdav is enabled for write - Patch: http://marc.info/?l=tomcat-dev&m=119245116910632&w=2 - +1: markt, funkman, remm, fhanik - -1: - * Fix for JDT update: update jdt.jar in build.properties.default to: jdt.jar=${jdt.lib}/org.eclipse.jdt.core_3.3.1.v_780_R33x.jar +1: remm, fhanik,funkman, pero
diff --git a/java/org/apache/catalina/servlets/WebdavServlet.java b/java/org/apache/catalina/servlets/WebdavServlet.java
index 88312fc2ed65..521c646dfaad 100644
--- a/java/org/apache/catalina/servlets/WebdavServlet.java
+++ b/java/org/apache/catalina/servlets/WebdavServlet.java
@@ -243,6 +243,7 @@ protected DocumentBuilder getDocumentBuilder()
 try {
 documentBuilderFactory = DocumentBuilderFactory.newInstance();
 documentBuilderFactory.setNamespaceAware(true);
+ documentBuilderFactory.setExpandEntityReferences(false);
 documentBuilder = documentBuilderFactory.newDocumentBuilder();
 } catch(ParserConfigurationException e) {
 throw new ServletException
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index fc39388b7f66..0f8578b31671 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
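Review bot: `setExpandEntityReferences(false)` on the added line in the WebdavServlet.java hunk is, as far as I know the JDK's default DOM parser, not sufficient on its own to stop external entity processing: it governs whether entity references are expanded into the resulting DOM, while the parser may still fetch external DTDs and resolve external general and parameter entities when it reads the document. A more robust configuration is to reject DOCTYPE declarations outright, `documentBuilderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`, or, where a DOCTYPE must be tolerated, to set `http://xml.org/sax/features/external-general-entities` and `http://xml.org/sax/features/external-parameter-entities` to false and install an `EntityResolver` on the built `DocumentBuilder` that refuses external entities. `setFeature` throws `ParserConfigurationException`, which the `catch(ParserConfigurationException e)` already visible in the hunk handles, so no new error path is needed. The enclosing `getDocumentBuilder()` starts and ends outside the hunk.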
@@ -158,6 +158,10 @@ Fix WebDAV Servlet so it works correctly with MS clients. (markt) + + Fix CVE-2007-5461, an important information disclosure vulnerability in + the WebDAV Servlet. (markt) + 42979: Update sample.war to include recent security fixes in the source code. (markt)