Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 16 Mar 2015 22:38:51 +0100
From: Christian Mueller <cmueller@...che.org>
To: "dev@...el.apache.org" <dev@...el.apache.org>, users@...el.apache.org, 
	"security@...che.org" <security@...che.org>, oss-security@...ts.openwall.com, 
	bugtraq@...urityfocus.com
Cc: "Siano, Stephan" <stephan.siano@....com>, 
	"private@...el.apache.org" <private@...el.apache.org>
Subject: CVE-2015-0263 and CVE-2015-0264 - Apache Camel medium disclosure vulnerability

If you are using Apache Camel to route XML messages, please note that the
security advisories CVE-2015-0263 and CVE-2015-0264 may affect you.

Please study these critical security vulnerability carefully!

CVE-2015-0263 [1]
CVE-2015-0264 [2]

You can download the fixed Apache Camel 2.13.x and 2.14.x version from the
Apache mirrors [3] or from the Central Maven repository.

[1]
http://camel.apache.org/security-advisories.data/CVE-2015-0263.txt.asc?version=1&modificationDate=1426539178647&api=v2
[2]
http://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc?version=1&modificationDate=1426539191142&api=v2
[3] http://camel.apache.org/download

On behalf of the Camel PMC,
Christian Mueller
-----------------

Software Integration Specialist

Apache Member
V.P. Apache Camel | Apache Camel PMC Member | Apache Camel committer
Apache Incubator PMC Member

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ