Hi everyone,
I, in the name of Apache James PMCs, am glad to announce you the release
version 3.0.1 of Apache James server.
It fixes vulnerability described in CVE-2017-12628. The JMX server, also
used by the command line client is exposed to a java de-serialization
issue, and thus can be used
CVE-2017-12629: Several critical vulnerabilities discovered in Apache
Solr (XXE & RCE)
Severity: Critical
Vendor:
The Apache Software Foundation
Versions Affected:
Solr 5.5.0 to 5.5.4
Solr 6.0.0 to 6.6.1
Solr 7.0.0 to 7.0.1
Description:
The details of this vulnerability were reported on public
[this announcement is available online at https://s.apache.org/P2EH ]
Latest, secure version of leading Open Source office application and
personal productivity suite for Windows, Linux, and Mac now available in
41 languages.
Forest Hill, MD —19 October 2017— The Apache Software Foundation