Author: buildbot
Date: Wed Dec 12 11:48:02 2012
New Revision: 841854
Log:
Production update by buildbot for cxf
Modified:
websites/production/cxf/content/cache/main.pageCache
websites/production/cxf/content/security-advisories.html
Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/cxf/content/security-advisories.html
==============================================================================
--- websites/production/cxf/content/security-advisories.html (original)
+++ websites/production/cxf/content/security-advisories.html Wed Dec 12
11:48:02 2012
@@ -136,7 +136,7 @@ Apache CXF -- Security Advisories
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><ul><li><a shape="rect"
href="note-on-cve-2011-2487.html" title="Note on CVE-2011-2487">Note on
CVE-2011-2487</a> - jbossws: Prone to Bleichenbacher attack against to be
distributed symmetric key.</li><li><a shape="rect" href="cve-2012-3451.html"
title="CVE-2012-3451">CVE-2012-3451</a> - Apache CXF is vulnerable to SOAP
Action spoofing attacks on Document Literal web services.</li><li><a
shape="rect" href="cve-2012-2379.html" title="CVE-2012-2379">CVE-2012-2379</a>
- Apache CXF does not verify that elements were signed or encrypted by a
particular Supporting Token.</li><li><a shape="rect" href="cve-2012-2378.html"
title="CVE-2012-2378">CVE-2012-2378</a> - Apache CXF does not pick up some
child policies of WS-SecurityPolicy 1.1 SupportingToken policy assertions on
the client side.</li><li><a shape="rect" href="note-on-cve-2011-1096.html"
title="Note on CVE-2011-1096">Note on CVE-2011-1096</a> - XML Encryption flaw /
Character pattern encoding attac
k.</li><li><a shape="rect" href="cve-2012-0803.html"
title="CVE-2012-0803">CVE-2012-0803</a> - Apache CXF does not validate
UsernameToken policies correctly.</li><li><a shape="rect" class="external-link"
href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf";>CVE-2010-2076</a>
- DTD based XML attacks.</li></ul>
+<div id="ConfluenceContent"><ul><li><a shape="rect"
href="note-on-cve-2011-2487.html" title="Note on CVE-2011-2487">Note on
CVE-2011-2487</a> - Bleichenbacher attack against distributed symmetric key in
WS-Security.</li><li><a shape="rect" href="cve-2012-3451.html"
title="CVE-2012-3451">CVE-2012-3451</a> - Apache CXF is vulnerable to SOAP
Action spoofing attacks on Document Literal web services.</li><li><a
shape="rect" href="cve-2012-2379.html" title="CVE-2012-2379">CVE-2012-2379</a>
- Apache CXF does not verify that elements were signed or encrypted by a
particular Supporting Token.</li><li><a shape="rect" href="cve-2012-2378.html"
title="CVE-2012-2378">CVE-2012-2378</a> - Apache CXF does not pick up some
child policies of WS-SecurityPolicy 1.1 SupportingToken policy assertions on
the client side.</li><li><a shape="rect" href="note-on-cve-2011-1096.html"
title="Note on CVE-2011-1096">Note on CVE-2011-1096</a> - XML Encryption flaw /
Character pattern encoding attack.</li><l
i><a shape="rect" href="cve-2012-0803.html"
title="CVE-2012-0803">CVE-2012-0803</a> - Apache CXF does not validate
UsernameToken policies correctly.</li><li><a shape="rect" class="external-link"
href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf";>CVE-2010-2076</a>
- DTD based XML attacks.</li></ul>
</div>
</div>
<!-- Content -->
