oss-sec mailing list archives
CVE updates: fixes in Apache Atlas 0.8-incubating
From: Madhan Neethiraj <madhan () apache org>
Date: Tue, 23 May 2017 15:16:46 -0700
All, Please see below the details of CVE updates for Apache Atlas 0.8-incubating release. My apologies for the delay in sending this update. Thanks, Madhan ------------------------------------------------------------------------------------------------------- CVE-2016-8752: Atlas web server allows user to browse webapp directory Severity: Normal Vendor: The Apache Software Foundation Versions Affected: 0.6.0 or 0.7.0 or 0.7.1 versions of Apache Atlas Users affected: All users of Apache Atlas server Description: Atlas users can access the webapp directory contents by pointing to URIs like /js, /img Fix detail: Atlas was updated to prevent browsing of webapp directory contents Mitigation: Users should upgrade to Apache Atlas 0.8-incubating or later version -------------------------------------------------------------------------------------------------------
Current thread:
- CVE updates: fixes in Apache Atlas 0.8-incubating Madhan Neethiraj (May 23)