'[jira] [Created] (WSS-707) Update Santuario to fix CVE-2023-44483'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       woden-dev
Subject:    [jira] [Created] (WSS-707) Update Santuario to fix CVE-2023-44483
From:       "Colm O hEigeartaigh (Jira)" <jira () apache ! org>
Date:       2023-10-24 3:09:00
Message-ID: JIRA.13555270.1698116893000.174420.1698116940011 () Atlassian ! JIRA
[Download RAW message or body]

Colm O hEigeartaigh created WSS-707:
---------------------------------------

             Summary: Update Santuario to fix CVE-2023-44483
                 Key: WSS-707
                 URL: https://issues.apache.org/jira/browse/WSS-707
             Project: WSS4J
          Issue Type: Bug
            Reporter: Colm O hEigeartaigh
            Assignee: Colm O hEigeartaigh
             Fix For: 3.0.2, 2.4.3, 2.3.5, 4.0.0


Versions 4.0.0, 3.0.3, 2.3.4 and 2.2.6 of the Apache XML Security for Java library \
                have been released. A security advisory has been fixed in these \
                releases:
 * CVE-2023-44483: Apache Santuario: Private Key disclosure in debug-log output



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic