Is this something that requires our attention?
-------- Original Message --------
Y'all see this yet?
-------- Original Message --------
Subject: FYI: JSF Known Issue
Date: Tue, 8 Jun 2010 11:35:41 -0400
From: Steve 'Ashcrow' Milner <smilner@redhat.com>
To: Chris Bredesen <cbredesen@redhat.com>
http://www.theregister.co.uk/2010/06/08/padding_oracle_attack_tool/
"The researchers tested the attack in JavaServer Faces implemented
into the Apache webserver, as well as Sun's Mojarra. They said many
other implementations are also likely to be vulnerable."
--
kthxbye!
Steve 'Ashcrow' Milner
Agent of Infosec
RHCE:
https://www.redhat.com/training/certification/verify/?certno=805009277242449
ITIL Foundation: c.721843
IRC: ashcrow
GnuPG ID: 28DFD4BE
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/IT/MU/O d-- s:+> a- C+++$ UBL+++$ P++@ L+++$>++++ !E--> W+++$ !N-
!o K--? !w-- !O- M- !V- PS PE+ Y+ PGP+++ t+ !5 !X R tv+ b+>++ DI+ !D-
G e h !r>+++ y?
------END GEEK CODE BLOCK------
"In the heat of conversation I may have said certain things I believe
to be untrue. The alleged lie that you might have heard me saying
allegedly moments ago ... that's a parasite that lives in my neck."
-- Tad Ghostal