Author: buildbot
Date: Fri Feb  9 14:00:47 2018
New Revision: 1025119

Log:
Staging update by buildbot for juddi

Modified:
    websites/staging/juddi/trunk/content/   (props changed)
    websites/staging/juddi/trunk/content/security.html

Propchange: websites/staging/juddi/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Fri Feb  9 14:00:47 2018
@@ -1 +1 @@
-1816384
+1823656

Modified: websites/staging/juddi/trunk/content/security.html
==============================================================================
--- websites/staging/juddi/trunk/content/security.html (original)
+++ websites/staging/juddi/trunk/content/security.html Fri Feb  9 14:00:47 2018
@@ -172,7 +172,17 @@
 }
 h2:hover > .headerlink, h3:hover > .headerlink, h1:hover > .headerlink, 
h6:hover > .headerlink, h4:hover > .headerlink, h5:hover > .headerlink, 
dt:hover > .elementid-permalink { visibility: visible }</style>
 <h2 id="security-advisories-for-apache-juddi">Security Advisories for Apache 
jUDDI<a class="headerlink" href="#security-advisories-for-apache-juddi" 
title="Permanent link">&para;</a></h2>
-<h3 id="cveidcve-2015-5241">CVEID:CVE-2015-5241<a class="headerlink" 
href="#cveidcve-2015-5241" title="Permanent link">&para;</a></h3>
+<h3 id="cveid-cve-2009-4267">CVEID : <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4267";>CVE-2009-4267</a><a
 class="headerlink" href="#cveid-cve-2009-4267" title="Permanent 
link">&para;</a></h3>
+<p>VERSION:  3.0.0</p>
+<p>PROBLEMTYPE: Information Disclosure</p>
+<p>REFERENCES: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4267</p>
+<p>DISCRIPTION: The jUDDI console doesn't escape line feeds that were passed 
in the numRows parameter. This affects log integrity, as this allows 
authenticated users to forge log records.</p>
+<p>Severity: Moderate</p>
+<p>Mitigation:</p>
+<p>3.0.0 users should upgrade to jUDDI 3.0.1 or newer</p>
+<p>Credit:</p>
+<p>This issue was discovered by Marc Schoenefeld of Red Hat Software.</p>
+<h3 id="cveid-cve-2015-5241">CVEID: <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5241";>CVE-2015-5241</a><a
 class="headerlink" href="#cveid-cve-2015-5241" title="Permanent 
link">&para;</a></h3>
 <p>VERSION: 3.1.2, 3.1.3, 3.1.4, and 3.1.5 that utilize the portlets based 
user interface also known as 'Pluto', 'jUDDI Portal', 'UDDI Portal' or 
'uddi-console'</p>
 <p>PROBLEMTYPE: Open Redirect</p>
 <p>REFERENCES: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5241</p>



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@juddi.apache.org
For additional commands, e-mail: commits-h...@juddi.apache.org

Reply via email to