oss-sec mailing list archives
Re: CVE Request: XXE vulnerability in Restlet
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 29 May 2012 11:09:20 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/29/2012 04:38 AM, Nicolas Grégoire wrote:
Hello, version 2.0.14 of the Restlet Java Framework corrects an XML External Entity vulnerability: http://blog.restlet.com/2012/05/23/restlet-framework-2-1-rc5-and-2-0-14-released/ Regards, Nicolas
Please use CVE-2012-2656 for this issue. Also is there a specific source file/etc that contains the fix? - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPxQLAAAoJEBYNRVNeJnmTt0kP/3EsNgiHZJG2jKSSAQ62xfeo 3SBLZ18X9r2I8kARkhgxo1SJrTWVPoO8vh7XZ1WBkPhErxTq7zHKHONJ3Eo9QfJu oChBtaXV8Ot7P85ggkposlzcBc6bLY+dL9n1DS7oQKnJOfsYD43SSEMt/uEiWpzH gbUnevdKlE1BEbuMf2kffhdw3TV9ccfCkhlp2ZII9WjnEN4nSmz68U4JfuKkK7H9 VZGDbCgkSd14iRRgcvuARJfa4nFrkH9R7qCcs1HcCym/clPz9iXig6bISfWCxmxr tp6McA8ZRz8ANhehc+qxjUhkRfdlwK8FWlOQlZEs5HJ4ZTbs9fY+f47veLd5JKrF hRU4bTDmJBkwVqj+ZnZSvF4bt62PlSPCuvde7cn8VpdwUSFlwluXPLvENNTYQXPa a225ScMWdqwMKZumJ0/BneIwFO+xToBz6nCRJWDp6ASIqOvwQ6Fx6ojcTKmZz+3X gnrW/Iu3gc98o3rnxY/nEg77EJaG0PKGIo21QIhy92ap1NiOP6idwZw7UpxECFRd FvljD6OQ+xhe4viXWvosQB3v8WyAsBnRSLef6Gjhh7kMV+YovGabwD0O7synAYa+ MoH+AjUwKa3Pho0YG/tOZFfznLr1N/wP9pGsOoheDsTQ7/0bKpeb826BB0O+efuS TJOqwhutSDdqn3+NLADb =YfAp -----END PGP SIGNATURE-----
Current thread:
- CVE Request: XXE vulnerability in Restlet Nicolas Grégoire (May 29)
- Re: CVE Request: XXE vulnerability in Restlet Kurt Seifried (May 29)
- Re: CVE Request: XXE vulnerability in Restlet Nicolas Grégoire (May 29)
- Re: CVE Request: XXE vulnerability in Restlet Kurt Seifried (May 29)