Guillaume Smet (
https://hibernate.atlassian.net/secure/ViewProfile.jspa?accountId=557058%...
) *commented* on HV-1498 (
https://hibernate.atlassian.net/browse/HV-1498?atlOrigin=eyJpIjoiMmViZTE4...
)
Re: Privilege escalation when running under the security manager (
https://hibernate.atlassian.net/browse/HV-1498?atlOrigin=eyJpIjoiMmViZTE4...
)
It basically says that it has been backported to the 5.2 branch but we haven't done
any 5.2 community release.
So all versions of community 5.2 are still vulnerable.
I would advise upgrading to a more recent version if you're worried about this flaw.
(
https://hibernate.atlassian.net/browse/HV-1498#add-comment?atlOrigin=eyJp...
) Add Comment (
https://hibernate.atlassian.net/browse/HV-1498#add-comment?atlOrigin=eyJp...
)
Get Jira notifications on your phone! Download the Jira Cloud app for Android (
https://play.google.com/store/apps/details?id=com.atlassian.android.jira....
) or iOS (
https://itunes.apple.com/app/apple-store/id1006972087?pt=696495&ct=Em...
) This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100142- sha1:98e8dd4 )