Uploaded image for project: 'JBoss Web Services'
  1. JBoss Web Services
  2. JBWS-4398

Upgrade santuario to 3.0.3 (addresses CVE-2023-44483)

XMLWordPrintable

    • Icon: Component Upgrade Component Upgrade
    • Resolution: Done
    • Icon: Major Major
    • jbossws-cxf-7.1.0.Final
    • jbossws-cxf-7.0.0.Final
    • jbossws-cxf
    • None

      Upgrade santuario(xmlsec) from 3.0.2 to 3.0.3 . 

      Release notes : https://issues.apache.org/jira/projects/SANTUARIO/versions/12353074

      This upgrade includes the fix for  CVE-2023-44483: Apache Santuario: Private Key disclosure in debug-log output

      (https://nvd.nist.gov/vuln/detail/CVE-2023-44483)

       

              rhn-engineering-ema Jim Ma
              rhn-engineering-ema Jim Ma
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: