geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Murthy, Avaneesh (Avaneesh)" <>
Subject CVE-2011-5034 Vulnerablity query
Date Mon, 23 Apr 2012 10:59:32 GMT


I was wondering if you have any suggestions on how to deal with the
vulnerability by changing configuration on the web server.


CVE-2011-5034 "Hash values for form parameters computed without
restricting hash collisions causing a denial of service"


Or is there a fix planned in the coming releases of Apache Geronimo jars



View raw message