hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aki Yoshida <elak...@gmail.com>
Subject Question on CVE-2015-526
Date Thu, 05 Nov 2015 12:12:10 GMT
I have a question about CVE-2015-5262 [1] which talks about an issue
regarding Httpclient before version 4.3.6. The referred jira ticket
HTTPCLIENT-1478 [2] from there mentions that this issue has been fixed
in 4.3.4.

Could someone clarify the situation? Is there indeed an issue with
4.3.4 and 4.3.5 which is for security reasons not publicly linked from
the above CVE or if there is an error in either of the documents?

Regards, Aki
[1] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5262
[2] https://issues.apache.org/jira/browse/HTTPCLIENT-1478

To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org

View raw message