[jboss-cvs] JBossAS SVN: r95720 - branches/JBPAPP_4_2_0_GA_CP/build.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Oct 28 21:53:58 EDT 2009
Author: permaine
Date: 2009-10-28 21:53:58 -0400 (Wed, 28 Oct 2009)
New Revision: 95720
Modified:
branches/JBPAPP_4_2_0_GA_CP/build/build-thirdparty.xml
Log:
JBPAPP-2460 CVE-2009-0217 XMLDsig HMAC-based signatures spoofing and authentication bypass
Modified: branches/JBPAPP_4_2_0_GA_CP/build/build-thirdparty.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/build/build-thirdparty.xml 2009-10-29 01:20:17 UTC (rev 95719)
+++ branches/JBPAPP_4_2_0_GA_CP/build/build-thirdparty.xml 2009-10-29 01:53:58 UTC (rev 95720)
@@ -80,7 +80,7 @@
<componentref name="apache-velocity" version="1.4jboss-brew"/>
<componentref name="apache-xalan" version="2.7.0.patch02-brew"/>
<componentref name="apache-xerces" version="2.7.1.patch02-brew"/>
- <componentref name="apache-xmlsec" version="1.3.0-brew"/>
+ <componentref name="apache-xmlsec" version="1.3.0.patch01-brew"/>
<componentref name="cglib" version="2.1.3dep-brew"/>
<componentref name="beanshell" version="1.3.0-brew"/>
<componentref name="dom4j" version="1.6.1-brew"/>
More information about the jboss-cvs-commits
mailing list