Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 30 Nov 2017 11:05:45 +0000
From: Colm O hEigeartaigh <>
To: "" <>, "" <>,,
Cc: Apache Security Response Team <>
Subject: Apache CXF Fediz 1.4.3 and 1.3.3 released with a new security
 advisory CVE-2017-12631

Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web
applications and delegates security enforcement to the underlying
application server.

Apache CXF Fediz 1.4.3 and 1.3.3 are released along with a new security
advisory that is fixed in these releases:

CVE-2017-12631: CSRF vulnerabilities in the Apache CXF Fediz Spring plugins.

Users who are using the Spring security plugins of Apache CXF Fediz should
upgrade immediately to the latest releases.


Colm O hEigeartaigh

Talend Community Coder

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ