oss-sec mailing list archives

New security advisory for Apache CXF

From: Colm O hEigeartaigh <coheigea () apache org>
Date: Sat, 14 Nov 2015 15:32:32 +0000

A new security advisory has been released for Apache CXF:

CVE-2015-5253
<http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc?version=1&modificationDate=1447433340000&api=v2>:
Apache CXF SAML SSO processing is vulnerable to a wrapping attack

Please update to the latest CXF versions if you are using SAML SSO. More
information on CXF security advisories at the following page:
http://cxf.apache.org/security-advisories.html

Colm.

-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Current thread:

New security advisory for Apache CXF Colm O hEigeartaigh (Nov 14)
- Re: New security advisory for Apache CXF Hanno Böck (Nov 14)