Author: hfnukal
Date: 2012-06-28 10:36:26 -0400 (Thu, 28 Jun 2012)
New Revision: 8752
Modified:
epp/portal/branches/EPP_5_2_Branch/distribution/jboss-epp/serverAddon/gatein.ear/pom.xml
Log:
Bug 804897 - EMBARGOED CVE-2012-1167 JBoss: authentication bypass when running under JACC
with ignoreBaseDecision on JBossWebRealm
Modified:
epp/portal/branches/EPP_5_2_Branch/distribution/jboss-epp/serverAddon/gatein.ear/pom.xml
===================================================================
---
epp/portal/branches/EPP_5_2_Branch/distribution/jboss-epp/serverAddon/gatein.ear/pom.xml 2012-06-27
12:55:08 UTC (rev 8751)
+++
epp/portal/branches/EPP_5_2_Branch/distribution/jboss-epp/serverAddon/gatein.ear/pom.xml 2012-06-28
14:36:26 UTC (rev 8752)
@@ -1321,12 +1321,12 @@
</dependency>
<!-- included in EAP endorsed dir -->
-<!-- <dependency>
+ <dependency>
<artifactId>xercesImpl</artifactId>
- <groupId>apache-xerces</groupId>
+ <groupId>xerces</groupId>
<type>jar</type>
- <version>2.9.1</version>
- </dependency>-->
+ <version>2.9.1-patch-01</version>
+ </dependency>
</dependencies>
<build>