What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-10175
2015-06-20 13:33:40
--------------------------------------------------------------------------------

Name        : opensaml-java-openws
Product     : Fedora 21
Version     : 1.5.5
Release     : 2.fc21
URL         : http://www.opensaml.org/
Summary     : Java OpenWS library
Description :
The OpenWS library provides a growing set of tools to work with web services at
a low level. These tools include classes for creating and reading SOAP
messages, transport-independent clients for connecting to web services,
and various transports for use with those clients.

--------------------------------------------------------------------------------
Update Information:

* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 16 2015 Marek Goldmann  - 1.5.5-2
- Use mvn BR for tomcat API
* Fri May  8 2015 Marek Goldmann  - 1.5.5-1
- Upstream release 1.5.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1131823 - CVE-2014-3603 OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
        https://bugzilla.redhat.com/show_bug.cgi?id=1131823
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update opensaml-java-openws' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Fedora 21: opensaml-java-openws Security Update

August 7, 2015
* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification

Summary

The OpenWS library provides a growing set of tools to work with web services at

a low level. These tools include classes for creating and reading SOAP

messages, transport-independent clients for connecting to web services,

and various transports for use with those clients.

Update Information:

* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification

Change Log

* Tue Jun 16 2015 Marek Goldmann - 1.5.5-2 - Use mvn BR for tomcat API * Fri May 8 2015 Marek Goldmann - 1.5.5-1 - Upstream release 1.5.5

References

[ 1 ] Bug #1131823 - CVE-2014-3603 OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification https://bugzilla.redhat.com/show_bug.cgi?id=1131823

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update opensaml-java-openws' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : opensaml-java-openws
Product : Fedora 21
Version : 1.5.5
Release : 2.fc21
URL : http://www.opensaml.org/
Summary : Java OpenWS library

Related News

Use Cockpit for Linux Remote Server Administration

Mar 2, 2023

What Is OpenSSL?

Feb 21, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo