diff --git a/CHANGES.md b/CHANGES.md
index dc43f5aee..2482a2cf1 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -233,5 +233,12 @@ Major release of chat workflow.  Most interfaces for this changed.  See migratio
  - #340 Running selfcontained spring boot jar (fat jar) fails on help command
  - #282 Fix The PollBot
  - Release 9.0.1
- 
+
+# May 31 2023
+
+ - #390 Improved documentation for FINOS Active badge
+ - #387 Fixed CVEs, rolled out FINOS Security Scanning
+ - #386 Fixed Teams File State Storage
+ - #380 Removing GPL-licensed dependency in Reminder Bot
+ - #378 Added retry logic for teams
  
diff --git a/libs/symphony-bdk/symphony-bdk-chat-workflow-spring-boot-starter/src/main/java/org/finos/springbot/symphony/content/serialization/MessageMLParser.java b/libs/symphony-bdk/symphony-bdk-chat-workflow-spring-boot-starter/src/main/java/org/finos/springbot/symphony/content/serialization/MessageMLParser.java
index 5aa68f27c..3b480e50f 100644
--- a/libs/symphony-bdk/symphony-bdk-chat-workflow-spring-boot-starter/src/main/java/org/finos/springbot/symphony/content/serialization/MessageMLParser.java
+++ b/libs/symphony-bdk/symphony-bdk-chat-workflow-spring-boot-starter/src/main/java/org/finos/springbot/symphony/content/serialization/MessageMLParser.java
@@ -38,9 +38,7 @@
 public class MessageMLParser extends AbstractContentParser<String, EntityJson>{
 	
 	private static final Logger LOG = LoggerFactory.getLogger(PresentationMLHandler.class);
-	
-	private SAXParserFactory factory = SAXParserFactory.newInstance();
-	
+		
 	static class TagFrame<X extends Tag> extends TextFrame<X> {
 
 		String id;
@@ -102,6 +100,8 @@ public Message apply(String message, EntityJson jsonObjects) {
 		Content [] out = { null };
 		
 		try {
+			SAXParserFactory factory = SAXParserFactory.newInstance();
+			factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);          
 			SAXParser saxParser = factory.newSAXParser();
 			saxParser.parse(new InputSource(new StringReader(message)), new DefaultHandler2() {