Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Fedora: 2014-16845 Critical: RESTEasy XXE Security Update

fedora
Calendar Grey April 24, 2015
Scroller Fedora
Protection update for RESTEasy CVE-2014-3490 is released with Fedora 20 upgrade. Safeguard your system's safety today!
Security fix for CVE-2014-3490

Summary

RESTEasy contains a JBoss project that provides frameworks to help

build RESTful Web Services and RESTful Java applications. It is a fully

certified and portable implementation of the JAX-RS specification.

Update Information:

Security fix for CVE-2014-3490

Change Log

* Wed Dec 10 2014 Ade Lee - 3.0.6-3 - Add fix for CVE-2014-3490 * Tue Jan 14 2014 Marek Goldmann - 3.0.6-2 - Support for Netty 4 in Rawhide * Fri Jan 10 2014 Marek Goldmann - 3.0.6-1 - Upstream release 3.0.6.Final

References


[ 1 ] Bug #1107901 - CVE-2014-3490 RESTEasy: XXE via parameter entities https://bugzilla.redhat.com/show_bug.cgi?id=1107901

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update resteasy' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: resteasy
Product: Fedora 20
Version: 3.0.6
Release: 3.fc20
Summary: Framework for RESTful Web services and Java applications

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.