Sicherheit: Mangelnde Rechteprüfung in springframework-security
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in springframework-security
ID: FEDORA-2017-16a7aa8e4f
Distribution: Fedora
Plattformen: Fedora 25
Datum: Do, 12. Januar 2017, 07:13
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9879
Applikationen: springframework-security


Name        : springframework-security
Product : Fedora 25
Version : 3.2.10
Release : 1.fc25
URL : http://static.springsource.org/spring-security/site/index.html
Summary : Modular Java/J2EE application security framework
Description :
Spring Security is a Java/Java EE framework that provides advanced
authentication, authorization and other comprehensive security features for
enterprise applications. In addition to having a comprehensive list of
security functionality, Spring Security is very configurable and employs the
Spring Framework for configuration, it allows for reuse and portability of
security components, and it can also be used with non-Spring applications.

Update Information:

update to 3.2.10.RELEASE, fix CVE-2016-9879

[ 1 ] Bug #1409838 - CVE-2016-9879 Spring Security: Improper handling of path
parameters allows bypassing the security constraint

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade springframework-security' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten