oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Two new security advisories for Apache CXF Fediz

From: Colm O hEigeartaigh <coheigea () apache org>
Date: Tue, 16 May 2017 16:59:51 +0100
All,

Two new security advisories are released that are fixed in the latest
Apache CXF Fediz releases:

a) CVE-2017-7661: The Apache CXF Fediz Jetty and Spring plugins are
vulnerable to CSRF attacks.

b) CVE-2017-7662: The Apache CXF Fediz OIDC Client Registration Service is
vulnerable to CSRF attacks

The security advisory texts are available at the following link - please
read them carefully if you are an Apache CXF Fediz user:

http://cxf.apache.org/security-advisories.html


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
Previous By Date Next
Previous By Thread Next

Current thread: