Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 14 Nov 2017 13:32:50 +0000
From: Colm O hEigeartaigh <coheigea@...che.org>
To: "users@....apache.org" <users@....apache.org>, "dev@....apache.org" <dev@....apache.org>, 
	Apache Security Response Team <security@...che.org>, announce@...che.org, oss-security@...ts.openwall.com
Cc: "Wang, Kevin X. (NSB - CN/Hangzhou)" <kevin.x.wang@...ia-sbell.com>
Subject: New security advisory CVE-2017-12624 released for Apache CXF

A new security advisory has been released for Apache CXF, that is fixed in
the recent 3.2.1 and 3.1.14 releases:

CVE-2017-12624: Apache CXF web services that process attachments are
vulnerable to Denial of Service (DoS) attacks

The full text of the advisory is available here:

http://cxf.apache.org/security-advisories.data/CVE-2017-12624.txt.asc

Colm.


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ