Fedora 21: Security Advisory for OpenSAML Java Hostname Issue
fedora
August 7, 2015
* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
Summary
The OpenWS library provides a growing set of tools to work with web services at
a low level. These tools include classes for creating and reading SOAP
messages, transport-independent clients for connecting to web services,
and various transports for use with those clients.
Update Information:
* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
Topics Covered
Change Log
* Tue Jun 16 2015 Marek Goldmann
References
[ 1 ] Bug #1131823 - CVE-2014-3603 OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
https://bugzilla.redhat.com/show_bug.cgi?id=1131823
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update opensaml-java-openws' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: opensaml-java-openws
Product: Fedora 21
Version: 1.5.5
Release: 2.fc21
URL: /
Summary: Java OpenWS library
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!