tiles-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nicolas LE BAS <m...@nlebas.net>
Subject [SECURITY] Frame injection vulnerability in published Javadoc
Date Sat, 22 Jun 2013 15:26:36 GMT
Hi all,

Since it is a urgent security matter, I've completed the task and I'm
asking for approval of the PMC after the deed. Thanks for your
understanding.

I applied the patch provided by Oracle and published the result
immediately.

The affected files were:

tiles-showcase/apidocs/index.html
eval/apidocs/index.html
2.0/framework/apidocs/index.html
2.0/framework/testapidocs/index.html
framework/apidocs/index.html
framework/testapidocs/index.html
tiles-autotag/apidocs/index.html
tiles-request/apidocs/index.html
2.1/framework/apidocs/index.html
2.1/framework/testapidocs/index.html
2.2/framework/apidocs/index.html
2.2/framework/testapidocs/index.html

Please know that any comments will be considered with attention.

Thanks,

Nick.

-------- Original Message --------
Subject: [SECURITY] Frame injection vulnerability in published Javadoc

Hi All,

Oracle has announced [1], [2] a frame injection vulnerability in Javadoc
generated by Java 5, Java 6 and Java 7 before update 22.

[...]

[1]
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
[2] http://www.kb.cert.org/vuls/id/225657

Project			Instances
[...]
tiles.apache.org	12
[...]




Mime
View raw message