[seam-commits] Seam SVN: r13531 - branches/community/Seam_2_2.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Fri Jul 30 07:11:00 EDT 2010
Author: manaRH
Date: 2010-07-30 07:11:00 -0400 (Fri, 30 Jul 2010)
New Revision: 13531
Modified:
branches/community/Seam_2_2/changelog.txt
Log:
added additional comment to issue JBSEAM-4676
Modified: branches/community/Seam_2_2/changelog.txt
===================================================================
--- branches/community/Seam_2_2/changelog.txt 2010-07-30 11:08:28 UTC (rev 13530)
+++ branches/community/Seam_2_2/changelog.txt 2010-07-30 11:11:00 UTC (rev 13531)
@@ -31,7 +31,7 @@
* [JBSEAM-4666] - QueueConnection.stop() can not be called from an EJB containrer as stated in JEE5 spec section EE 6.6
* [JBSEAM-4669] - Major java deadlock between BijectionInterceptor and Component since the getInstanceFromFactory method is synchronized
* [JBSEAM-4671] - XML texts in the chapter for WebSphere do not render correctly in HTML + light refresh of the chapter
- * [JBSEAM-4676] - Seam param - disabling EL expression evaluation
+ * [JBSEAM-4676] - Seam param - disabling EL expression evaluation - this fixes CVE-2010-1871 and JBoss would like to thank Meder Kydyraliev of the Google Security Team for responsibly reporting this issue
* [JBSEAM-4677] - Transaction Interceptor leaks transactions
** Patch
More information about the seam-commits
mailing list