[seam-issues] [JBoss JIRA] (JBSEAM-5132) Two XXE security issues in Seam remoting
Marek Novotny (JIRA)
issues at jboss.org
Tue Jan 21 10:50:28 EST 2014
[ https://issues.jboss.org/browse/JBSEAM-5132?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Marek Novotny updated JBSEAM-5132:
----------------------------------
Description:
Seam remoting is impacted by 2 XXE security flaws:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6447
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6448
was:
WFK 2.4.0 is affected by two Seam security flaws:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6447
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6448
A WFK tracking bug in BZ is here:
https://bugzilla.redhat.com/show_bug.cgi?id=1052099
These flaws are embargoed, and we need to produce patches for our products before pushing the fixes upstream.
> Two XXE security issues in Seam remoting
> ----------------------------------------
>
> Key: JBSEAM-5132
> URL: https://issues.jboss.org/browse/JBSEAM-5132
> Project: Seam 2
> Issue Type: Bug
> Components: Remoting
> Affects Versions: 2.3.1.Final
> Reporter: David Jorm
> Assignee: Marek Novotny
> Priority: Critical
> Fix For: 2.3.2.CR1
>
>
> Seam remoting is impacted by 2 XXE security flaws:
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6447
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6448
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list