Uploaded image for project: 'JBoss Web Services'
  1. JBoss Web Services
  2. JBWS-4398

Upgrade santuario to 3.0.3 (addresses CVE-2023-44483)

    XMLWordPrintable

Details

    • Component Upgrade
    • Resolution: Done
    • Major
    • jbossws-cxf-7.1.0.Final
    • jbossws-cxf-7.0.0.Final
    • jbossws-cxf
    • None

    Description

      Upgrade santuario(xmlsec) from 3.0.2 to 3.0.3 . 

      Release notes : https://issues.apache.org/jira/projects/SANTUARIO/versions/12353074

      This upgrade includes the fix for  CVE-2023-44483: Apache Santuario: Private Key disclosure in debug-log output

      (https://nvd.nist.gov/vuln/detail/CVE-2023-44483)

       

      Attachments

        Issue Links

          Activity

            People

              rhn-engineering-ema Jim Ma
              rhn-engineering-ema Jim Ma
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: