Mangelnde Prüfung von Zertifikaten in opensaml-java
ID: | FEDORA-2015-10235 |
Distribution: | Fedora |
Plattformen: | Fedora 22 |
Datum: | Fr, 7. August 2015, 15:41 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3603 |
Applikationen: | OpenSAML |
Originalnachricht |
|
Name : opensaml-java Product : Fedora 22 Version : 2.5.3 Release : 9.fc22 URL : http://www.opensaml.org/ Summary : Java OpenSAML library Description : OpenSAML is a set of open source C++ & Java libraries meant to support developers working with the Security Assertion Markup Language (SAML). OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0. -------------------------------------------------------------------------------- Update Information: * OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 16 2015 Marek Goldmann |