Stay Secure with the Latest Linux Advisories

security advisorycritical issuecritical

Fedora 32: FEDORA-2020-239503f5fa Critical: Resteasy Response Header Issue

Security fix for CVE-2020-1695. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-239503f5fa 2020-12-09 01:22:22.200655 --------------------------------------------------------------------------------Name : resteasy Product : Fedora 32 Version : 3.0.26 Release : 6.fc32 URL : https://resteasy.dev/ Summary : Framework for RESTful Web services and Java applications Description : RESTEasy contains a JBoss project that provides frameworks to help build RESTful Web Services and RESTful Java applications. It is a fully certified and portable implementation of the JAX-RS specification. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2020-1695 --------------------------------------------------------------------------------ChangeLog: * Mon Nov 30 2020 Alexander Scheel - 3.0.26-6 - CVE-2020-1695: Improper validation of response header in MediaTypeHeaderDelegate.java class Resolves: rh-bz#1845547 --------------------------------------------------------------------------------References: [ 1 ] Bug #1730462 - CVE-2020-1695 resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class https://bugzilla.redhat.com/show_bug.cgi?id=1730462 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-239503f5fa' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Alert on security patch for Fedora 32's RESTEasy component, correcting inadequate verification of response headers.. Fedora Security, RESTEasy Update, CVE-2020, Java Framework, RESTful Services. . Severity: Critical. LinuxSecurity.com Team

Dec 08, 2020 •Critical Fedora