Sicherheit: Cross-Site Scripting in axis
Aktuelle Meldungen Distributionen
Name: Cross-Site Scripting in axis
ID: FEDORA-2018-8a85ed2f10
Distribution: Fedora
Plattformen: Fedora 27
Datum: Do, 23. August 2018, 12:29
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8032
Applikationen: AXIS


Fedora Update Notification
2018-08-23 09:43:24.282377

Name : axis
Product : Fedora 27
Version : 1.4
Release : 35.fc27
URL : http://ws.apache.org/axis/
Summary : SOAP implementation in Java
Description :
Apache AXIS is an implementation of the SOAP ("Simple Object Access
submission to W3C.

From the draft W3C specification:

SOAP is a lightweight protocol for exchange of information in a decentralized,
distributed environment. It is an XML based protocol that consists of three
parts: an envelope that defines a framework for describing what is in a message
and how to process it, a set of encoding rules for expressing instances of
application-defined datatypes, and a convention for representing remote
procedure calls and responses.

This project is a follow-on to the Apache SOAP project.

Update Information:

Fixes CVE-2018-8032, an XSS attack in axis-based services.

* Mon Aug 13 2018 Mat Booth <mat.booth@redhat.com> - 0:1.4-35
- Fix for CVE-2018-8032

[ 1 ] Bug #1611835 - CVE-2018-8032 axis: cross-site scripting (XSS) attack in
the default servlet/services

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-8a85ed2f10' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q5PSL3445FAECTG4YYE7GBG6QIR75LAK/
Pro-Linux @Facebook
Neue Nachrichten