[ANNOUNCE] Apache ShardingSphere UI 4.1.0 available

2020-05-10 Thread Zhang Yonglun
Hi all, Apache ShardingSphere Team is glad to announce the new release of Apache ShardingSphere UI 4.1.0. ShardingSphere is an open-source ecosystem consisted of a set of distributed database middleware solutions, including 2 independent products, Sharding-JDBC & Sharding-Proxy. They both

[CVE-2018-1285] XXE vulnerability in Apache log4net

2020-05-10 Thread Matt Sicker
Summary: Apache log4net does not disable XML external entities when parsing log4net configuration files. This could allow for XXE-based attacks in applications that accept arbitrary configuration files from users. [1] Affected: log4net up to 2.0.8 Mitigation: as there are no further releases of