Loading...

XML

Word

Printable

Details

Type: Component Upgrade
Resolution: Done
Priority: Major
Fix Version/s: 8.0.0.GA-CR2, 8.0.0.GA
Affects Version/s: None
Component/s: Web Services
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
Target Release:

8.0.0.GA

SFDC Cases Counter:
SFDC Cases Links:

Description

Upgrade santuario(xmlsec) from 3.0.2 to 3.0.3 .

Release notes : https://issues.apache.org/jira/projects/SANTUARIO/versions/12353074

This upgrade includes the fix for CVE-2023-44483: Apache Santuario: Private Key disclosure in debug-log output

(https://nvd.nist.gov/vuln/detail/CVE-2023-44483)

Attachments

Issue Links

clones

WFLY-18685 Upgrade santuario to 3.0.3 (addresses CVE-2023-44483)

Resolved

is cloned by

JBEAP-25944 Upgrade santuario to 2.2.6 to include the CVE-2023-44483 fix

Closed

Activity

People

Assignee:: Jim Ma

Reporter:: Jim Ma

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2023/10/24 4:02 AM

Updated:: 2024/02/21 1:15 PM

Resolved:: 2023/10/26 2:57 PM