cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r841854 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.html
Date Wed, 12 Dec 2012 11:48:03 GMT
Author: buildbot
Date: Wed Dec 12 11:48:02 2012
New Revision: 841854

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/main.pageCache
    websites/production/cxf/content/security-advisories.html

Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/security-advisories.html
==============================================================================
--- websites/production/cxf/content/security-advisories.html (original)
+++ websites/production/cxf/content/security-advisories.html Wed Dec 12 11:48:02 2012
@@ -136,7 +136,7 @@ Apache CXF -- Security Advisories
          <td height="100%">
            <!-- Content -->
            <div class="wiki-content">
-<div id="ConfluenceContent"><ul><li><a shape="rect" href="note-on-cve-2011-2487.html"
title="Note on CVE-2011-2487">Note on CVE-2011-2487</a> - jbossws: Prone to Bleichenbacher
attack against to be distributed symmetric key.</li><li><a shape="rect" href="cve-2012-3451.html"
title="CVE-2012-3451">CVE-2012-3451</a> - Apache CXF is vulnerable to SOAP Action
spoofing attacks on Document Literal web services.</li><li><a shape="rect"
href="cve-2012-2379.html" title="CVE-2012-2379">CVE-2012-2379</a> - Apache CXF does
not verify that elements were signed or encrypted by a particular Supporting Token.</li><li><a
shape="rect" href="cve-2012-2378.html" title="CVE-2012-2378">CVE-2012-2378</a> -
Apache CXF does not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken policy
assertions on the client side.</li><li><a shape="rect" href="note-on-cve-2011-1096.html"
title="Note on CVE-2011-1096">Note on CVE-2011-1096</a> - XML Encryption flaw / Character
pattern encoding attac
 k.</li><li><a shape="rect" href="cve-2012-0803.html" title="CVE-2012-0803">CVE-2012-0803</a>
- Apache CXF does not validate UsernameToken policies correctly.</li><li><a
shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf">CVE-2010-2076</a>
- DTD based XML attacks.</li></ul>
+<div id="ConfluenceContent"><ul><li><a shape="rect" href="note-on-cve-2011-2487.html"
title="Note on CVE-2011-2487">Note on CVE-2011-2487</a> - Bleichenbacher attack against
distributed symmetric key in WS-Security.</li><li><a shape="rect" href="cve-2012-3451.html"
title="CVE-2012-3451">CVE-2012-3451</a> - Apache CXF is vulnerable to SOAP Action
spoofing attacks on Document Literal web services.</li><li><a shape="rect"
href="cve-2012-2379.html" title="CVE-2012-2379">CVE-2012-2379</a> - Apache CXF does
not verify that elements were signed or encrypted by a particular Supporting Token.</li><li><a
shape="rect" href="cve-2012-2378.html" title="CVE-2012-2378">CVE-2012-2378</a> -
Apache CXF does not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken policy
assertions on the client side.</li><li><a shape="rect" href="note-on-cve-2011-1096.html"
title="Note on CVE-2011-1096">Note on CVE-2011-1096</a> - XML Encryption flaw / Character
pattern encoding attack.</li><l
 i><a shape="rect" href="cve-2012-0803.html" title="CVE-2012-0803">CVE-2012-0803</a>
- Apache CXF does not validate UsernameToken policies correctly.</li><li><a
shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf">CVE-2010-2076</a>
- DTD based XML attacks.</li></ul>
 </div>
            </div>
            <!-- Content -->



Mime
View raw message