cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jonathan Anstey (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-5565) update to opensaml 2.6.1
Date Tue, 18 Feb 2014 13:50:19 GMT

    [ https://issues.apache.org/jira/browse/CXF-5565?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13904047#comment-13904047
] 

Jonathan Anstey commented on CXF-5565:
--------------------------------------

Dan, that doesn't sounds like fun :-) Do you usually do this for opensaml? I wonder if they
would accept a patch to fix up those broken poms so it would be easier next time.

Colm, thanks for that. Certainly lessens the severity (or completely as you said) of CVE-2013-6440
in this case.

> update to opensaml 2.6.1
> ------------------------
>
>                 Key: CXF-5565
>                 URL: https://issues.apache.org/jira/browse/CXF-5565
>             Project: CXF
>          Issue Type: Task
>            Reporter: Jonathan Anstey
>         Attachments: CXF-5565.patch
>
>
> Fixes CVE-2013-6440. Waiting for SMX bundles release to complete first though.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message