Hi, buji-pac4j v2.0.2 has been released based on this Shiro version (v1.3.2) and on the new pac4j v1.9.2 (see: http://www.pac4j.org/docs/release-notes.html).
Thanks. Best regards, Jérôme 2016-09-13 16:37 GMT+02:00 Brian Demers-2 [via Shiro Developer] < ml-node+s582600n757944...@n2.nabble.com>: > The Shiro team is pleased to announce the release of Apache Shiro version > 1.3.2. > > This security release contains 1 fix since the 1.3.1 release and is > available for Download now [1]. > > CVE-2016-6802: > Apache Shiro before 1.3.2, when using a non-root servlet context > path, > specifically crafted requests can be used to by pass some security > servlet > filters, resulting in unauthorized access. > > Release binaries (.jars) are also available through Maven Central and > source bundles through Apache distribution mirrors. > > For more information on Shiro, please read the documentation[2]. > > -The Apache Shiro Team > > [1] http://shiro.apache.org/download.html > [2] http://shiro.apache.org/documentation.html > > > ------------------------------ > If you reply to this email, your message will be added to the discussion > below: > http://shiro-developer.582600.n2.nabble.com/ANNOUNCE-CVE- > 2016-6802-Apache-Shiro-1-3-2-released-tp7579440.html > To start a new topic under Shiro Developer, email > ml-node+s582600n582600...@n2.nabble.com > To unsubscribe from Shiro Developer, click here > <http://shiro-developer.582600.n2.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=582600&code=bGVsZXVqQGdtYWlsLmNvbXw1ODI2MDB8LTExNzY2MzcxMTY=> > . > NAML > <http://shiro-developer.582600.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > -- View this message in context: http://shiro-developer.582600.n2.nabble.com/Re-ANNOUNCE-CVE-2016-6802-Apache-Shiro-1-3-2-released-tp7579444.html Sent from the Shiro Developer mailing list archive at Nabble.com.