Fedora 25: cxf Security Update
Summary
Apache CXF is an open-source services framework that aids in
the development of services using front-end programming APIs,
like JAX-WS and JAX-RS.
Update Information:
fix CVE-2017-3156 (rhbz#1425455,1425458)
Change Log
References
[ 1 ] Bug #1425455 - CVE-2017-3156 cxf: CXF OAuth2 Hawk and JOSE MAC Validation code are vulnerable to timing attacks https://bugzilla.redhat.com/show_bug.cgi?id=1425455
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade cxf' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html