tiles-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Reddin <gred...@gmail.com>
Subject Re: [SECURITY] Frame injection vulnerability in published Javadoc
Date Sat, 22 Jun 2013 18:52:03 GMT
Thanks, Nicolas.


On Sat, Jun 22, 2013 at 10:26 AM, Nicolas LE BAS <mail@nlebas.net> wrote:

> Hi all,
>
> Since it is a urgent security matter, I've completed the task and I'm
> asking for approval of the PMC after the deed. Thanks for your
> understanding.
>
> I applied the patch provided by Oracle and published the result
> immediately.
>
> The affected files were:
>
> tiles-showcase/apidocs/index.html
> eval/apidocs/index.html
> 2.0/framework/apidocs/index.html
> 2.0/framework/testapidocs/index.html
> framework/apidocs/index.html
> framework/testapidocs/index.html
> tiles-autotag/apidocs/index.html
> tiles-request/apidocs/index.html
> 2.1/framework/apidocs/index.html
> 2.1/framework/testapidocs/index.html
> 2.2/framework/apidocs/index.html
> 2.2/framework/testapidocs/index.html
>
> Please know that any comments will be considered with attention.
>
> Thanks,
>
> Nick.
>
> -------- Original Message --------
> Subject: [SECURITY] Frame injection vulnerability in published Javadoc
>
> Hi All,
>
> Oracle has announced [1], [2] a frame injection vulnerability in Javadoc
> generated by Java 5, Java 6 and Java 7 before update 22.
>
> [...]
>
> [1]
>
> http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
> [2] http://www.kb.cert.org/vuls/id/225657
>
> Project                 Instances
> [...]
> tiles.apache.org        12
> [...]
>
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message