authn.oidc 2.0.1 and icat.oaipmh 2.0.1 released
3 views
Skip to first unread message
Rolf Krahl
Dec 1, 2023, 11:29:18 AM12/1/23
to icat...@googlegroups.com
Dear all,
I have released
authn.oidc 2.0.1 and
icat.oaipmh 2.0.1
These new versions bump logback-classic to 1.3.12 which fixes a a
serialization vulnerability, allowing an attacker to mount a
Denial-Of-Service attack by sending poisoned data.
If you use either component on Payara 6, it is highly recommended to
upgrade.
Best regards,
Rolf
--
Rolf Krahl <rolf....@helmholtz-berlin.de>
Helmholtz-Zentrum Berlin für Materialien und Energie (HZB)
Albert-Einstein-Str. 15, 12489 Berlin
Tel.: +49 30 8062 12122
I have released
authn.oidc 2.0.1 and
icat.oaipmh 2.0.1
These new versions bump logback-classic to 1.3.12 which fixes a a
serialization vulnerability, allowing an attacker to mount a
Denial-Of-Service attack by sending poisoned data.
If you use either component on Payara 6, it is highly recommended to
upgrade.
Best regards,
Rolf
--
Rolf Krahl <rolf....@helmholtz-berlin.de>
Helmholtz-Zentrum Berlin für Materialien und Energie (HZB)
Albert-Einstein-Str. 15, 12489 Berlin
Tel.: +49 30 8062 12122
Reply all
Reply to author
Forward
0 new messages