[JBoss JIRA] (JBSEAM-5132) Two XXE security issues in Seam remoting

Tuesday, 21 January 2014



     [
https://issues.jboss.org/browse/JBSEAM-5132?page=com.atlassian.jira.plugi...
]

Marek Novotny moved WFK2-382 to JBSEAM-5132:
--------------------------------------------

              Project: Seam 2  (was: JBoss WFK 2)
                  Key: JBSEAM-5132  (was: WFK2-382)
             Workflow: GIT Pull Request workflow   (was: CDW v1)
    Affects Version/s: 2.3.1.Final
                           (was: 2.4.0.GA)
          Component/s: Remoting
                           (was: Seam 2)
             Security:     (was: JBoss Internal)
        Fix Version/s: 2.3.2.CR1
                           (was: 2.5.0.ER1)
       Target Release:   (was: 2.5.0.GA)

    
...
 Two XXE security issues in Seam remoting
 ----------------------------------------

                 Key: JBSEAM-5132
                 URL: https://issues.jboss.org/browse/JBSEAM-5132
             Project: Seam 2
          Issue Type: Bug
          Components: Remoting
    Affects Versions: 2.3.1.Final
            Reporter: David Jorm
            Assignee: Marek Novotny
            Priority: Critical
             Fix For: 2.3.2.CR1


 WFK 2.4.0 is affected by two Seam security flaws:
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6447
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6448
 A WFK tracking bug in BZ is here:
 https://bugzilla.redhat.com/show_bug.cgi?id=1052099
 These flaws are embargoed, and we need to produce patches for our products before pushing
the fixes upstream. 
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006