Fedora 25: 2016-2361e1e07a Moderate: cxf XSS and XXE Fix

fedora

December 31, 2016

fixes CVE-2016-6812 CVE-2016-8739 (rhbz#1406810,1406811,1406813)

Summary

Apache CXF is an open-source services framework that aids in

the development of services using front-end programming APIs,

like JAX-WS and JAX-RS.

Update Information:

fixes CVE-2016-6812 CVE-2016-8739 (rhbz#1406810,1406811,1406813)

Topics Covered

security advisory update Fedora XSS apache XXE cxf

Change Log

References

[ 1 ] Bug #1406810 - CVE-2016-6812 apache-cxf: XSS in Apache CXF FormattedServiceListWriter https://bugzilla.redhat.com/show_bug.cgi?id=1406810 [ 2 ] Bug #1406811 - CVE-2016-8739 apache-cxf: Atom entity provider of Apache CXF JAX-RS is vulnerable to XXE https://bugzilla.redhat.com/show_bug.cgi?id=1406811

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade cxf' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: cxf

Product: Fedora 25

Version: 3.1.6

Release: 3.fc25

URL: https://cxf.apache.org/

Summary: Apache CXF

Topics Covered

security advisory update Fedora XSS apache XXE cxf

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Fedora 25: 2016-2361e1e07a Moderate: cxf XSS and XXE Fix

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Fedora 25: 2016-2361e1e07a Moderate: cxf XSS and XXE Fix

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!