Yeah, something got messed up. I'll get a new version uploaded. mike
On Tue, Jul 6, 2010 at 3:29 PM, Jason Dillon <[email protected]> wrote: > Thanks, but... is it just me or is there content missing in the PDF? > > --jason > > > On Jul 6, 2010, at 1:20 PM, Mike Rheinheimer wrote: > >> Ok, changed it to PDF. Thanks. >> >> https://svn.apache.org/repos/asf/incubator/wink/trunk/security/CVE-2010-2245.pdf >> >> mike >> >> On Tue, Jul 6, 2010 at 1:59 PM, Jason Dillon <[email protected]> wrote: >>> The docx format is not very friendly to share these details... PDF, HTML or >>> even plain text would be much better IMO. >>> >>> --jason >>> >>> >>> On Jul 6, 2010, at 9:46 AM, Mike Rheinheimer wrote: >>> >>>> The Wink team recently discovered a security issue that may allow an >>>> attacker to carry out denial of service attacks and to read arbitrary >>>> files on the file system of the node where Wink runs. Details of the >>>> vulnerability are described in the following advisory: >>>> >>>> https://svn.apache.org/repos/asf/incubator/wink/trunk/security/CVE-2010-2245.docx >>>> >>>> This vulnerability may potentially be exploited on any Wink >>>> installation that receives XML messages from untrusted sources. We >>>> strongly recommend to all users who manage this type of installation >>>> to follow the instructions in the above advisory in order to mitigate >>>> the security risk caused by this vulnerability. >>>> >>>> -- The Wink team >>> >>> > >
