Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 493
Alerts This Week
Warning Icon 1 493

Fedora 25 Security Advisory: Mojarra 2.2.13 Critical XSS Fix

fedora
Calendar Grey October 9, 2016
Dist Fedora Esm H88
Fedora 25 has launched an important Mojarra update to fix a major XSS vulnerability. Users should check the update notes and adhere to the installation guidelines for security
update to 2.2.13

Summary

JvaServer(TM) Faces technology simplifies building user interfaces for

JavaServer applications. Developers of various skill levels can quickly build

web applications by: assembling reusable UI components in a page; connecting

these components to an application data source; and wiring client-generated

events to server-side event handlers.

Update Information:

update to 2.2.13. fix CVE-2013-5855 rhbz#1087182,1065139

Change Log

References


[ 1 ] Bug #1065139 - CVE-2013-5855 Mojarra JSF: XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions https://bugzilla.redhat.com/show_bug.cgi?id=1065139

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update mojarra' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mojarra
Product: Fedora 25
Version: 2.2.13
Release: 1.fc25
Summary: JSF Reference Implementation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.