Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Done
Priority: Major
Fix Version/s: 30.0.1.Final, 31.0.0.Beta1, 31.0.0.Final
Affects Version/s: 30.0.0.Final
Component/s: Web Services
Labels:
None

[QE] How to address?:
---
[QE] Why QE missed?:
---

Upgrade santuario(xmlsec) from 3.0.2 to 3.0.3 .

Release notes : https://issues.apache.org/jira/projects/SANTUARIO/versions/12353074

This upgrade includes the fix for CVE-2023-44483: Apache Santuario: Private Key disclosure in debug-log output

(https://nvd.nist.gov/vuln/detail/CVE-2023-44483)

is cloned by

JBWS-4398 Upgrade santuario to 3.0.3 (addresses CVE-2023-44483)

Resolved

JBEAP-25943 Upgrade santuario to 3.0.3

Closed

Assignee:: Jim Ma

Reporter:: Jim Ma

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2023/10/24 3:31 AM

Updated:: 2024/01/24 7:06 PM

Resolved:: 2023/10/25 9:32 PM