What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-10175
2015-06-20 13:33:40
--------------------------------------------------------------------------------

Name        : opensaml-java
Product     : Fedora 21
Version     : 2.5.3
Release     : 9.fc21
URL         : https://www.opensaml.org/
Summary     : Java OpenSAML library
Description :
OpenSAML is a set of open source C++ & Java libraries meant to support
developers working with the Security Assertion Markup Language (SAML).
OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0.

--------------------------------------------------------------------------------
Update Information:

* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 16 2015 Marek Goldmann  - 2.5.3-9
- Use mvn name for tomcat BR
* Fri May  8 2015 Marek Goldmann  - 2.5.3-8
- RHBZ#1132022, HTTPS Connections Via HTTP Resources Do Not Perform Hostname
  Verification
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1131823 - CVE-2014-3603 OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
        https://bugzilla.redhat.com/show_bug.cgi?id=1131823
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update opensaml-java' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Fedora 21: opensaml-java Security Update

August 7, 2015
* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification

Summary

OpenSAML is a set of open source C++ & Java libraries meant to support

developers working with the Security Assertion Markup Language (SAML).

OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0.

Update Information:

* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification

Change Log

* Tue Jun 16 2015 Marek Goldmann - 2.5.3-9 - Use mvn name for tomcat BR * Fri May 8 2015 Marek Goldmann - 2.5.3-8 - RHBZ#1132022, HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification

References

[ 1 ] Bug #1131823 - CVE-2014-3603 OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification https://bugzilla.redhat.com/show_bug.cgi?id=1131823

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update opensaml-java' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : opensaml-java
Product : Fedora 21
Version : 2.5.3
Release : 9.fc21
URL : https://www.opensaml.org/
Summary : Java OpenSAML library

Related News

Use Cockpit for Linux Remote Server Administration

Mar 2, 2023

What Is OpenSSL?

Feb 21, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo