Fedora: 25 Moderate: cxf Timing Attack Security Advisory

fedora

March 2, 2017

fix CVE-2017-3156 (rhbz#1425455,1425458)

Summary

Apache CXF is an open-source services framework that aids in

the development of services using front-end programming APIs,

like JAX-WS and JAX-RS.

Update Information:

fix CVE-2017-3156 (rhbz#1425455,1425458)

Topics Covered

security advisory security update Fedora timing attack cxf

Change Log

References

[ 1 ] Bug #1425455 - CVE-2017-3156 cxf: CXF OAuth2 Hawk and JOSE MAC Validation code are vulnerable to timing attacks https://bugzilla.redhat.com/show_bug.cgi?id=1425455

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade cxf' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: cxf

Product: Fedora 25

Version: 3.1.6

Release: 5.fc25

URL: https://cxf.apache.org/

Summary: Apache CXF

Topics Covered

security advisory security update Fedora timing attack cxf

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Fedora: 25 Moderate: cxf Timing Attack Security Advisory

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Fedora: 25 Moderate: cxf Timing Attack Security Advisory

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!