Fedora 22: FEDORA-2015-10235 Critical Update: OpenSAML Java Hostname Issue
fedora
August 7, 2015
* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
Summary
OpenSAML is a set of open source C++ & Java libraries meant to support
developers working with the Security Assertion Markup Language (SAML).
OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0.
Update Information:
* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
Topics Covered
Change Log
* Tue Jun 16 2015 Marek Goldmann
References
[ 1 ] Bug #1131823 - CVE-2014-3603 OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
https://bugzilla.redhat.com/show_bug.cgi?id=1131823
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update opensaml-java' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: opensaml-java
Product: Fedora 22
Version: 2.5.3
Release: 9.fc22
URL: /
Summary: Java OpenSAML library
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!