oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: XXE vulnerability in Restlet

From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 29 May 2012 11:09:20 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/29/2012 04:38 AM, Nicolas Grégoire wrote:

Hello,

version 2.0.14 of the Restlet Java Framework corrects an XML
External Entity vulnerability: 
http://blog.restlet.com/2012/05/23/restlet-framework-2-1-rc5-and-2-0-14-released/

 Regards, Nicolas


Please use CVE-2012-2656 for this issue. Also is there a specific
source file/etc that contains the fix?


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPxQLAAAoJEBYNRVNeJnmTt0kP/3EsNgiHZJG2jKSSAQ62xfeo
3SBLZ18X9r2I8kARkhgxo1SJrTWVPoO8vh7XZ1WBkPhErxTq7zHKHONJ3Eo9QfJu
oChBtaXV8Ot7P85ggkposlzcBc6bLY+dL9n1DS7oQKnJOfsYD43SSEMt/uEiWpzH
gbUnevdKlE1BEbuMf2kffhdw3TV9ccfCkhlp2ZII9WjnEN4nSmz68U4JfuKkK7H9
VZGDbCgkSd14iRRgcvuARJfa4nFrkH9R7qCcs1HcCym/clPz9iXig6bISfWCxmxr
tp6McA8ZRz8ANhehc+qxjUhkRfdlwK8FWlOQlZEs5HJ4ZTbs9fY+f47veLd5JKrF
hRU4bTDmJBkwVqj+ZnZSvF4bt62PlSPCuvde7cn8VpdwUSFlwluXPLvENNTYQXPa
a225ScMWdqwMKZumJ0/BneIwFO+xToBz6nCRJWDp6ASIqOvwQ6Fx6ojcTKmZz+3X
gnrW/Iu3gc98o3rnxY/nEg77EJaG0PKGIo21QIhy92ap1NiOP6idwZw7UpxECFRd
FvljD6OQ+xhe4viXWvosQB3v8WyAsBnRSLef6Gjhh7kMV+YovGabwD0O7synAYa+
MoH+AjUwKa3Pho0YG/tOZFfznLr1N/wP9pGsOoheDsTQ7/0bKpeb826BB0O+efuS
TJOqwhutSDdqn3+NLADb
=YfAp
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: