Play Framework XML External Entity Vulnerability
195 views
Skip to first unread message
James Roper
Sep 11, 2013, 7:23:17 PM9/11/13
to play-framew...@googlegroups.com
A security vulnerability has been found in all stable versions of Play Framework 2.x released before 11 September 2013.
This vulnerability has been fixed for all major stable versions of Play, and fixes can be downloaded here:
http://downloads.typesafe.com/play/2.1.4/play-2.1.4.zip
The Play team strongly recommends that all Play users upgrade to one of the above releases of Play. The changelogs for these versions can be found here:
http://www.playframework.com/changelog
For more details on this vulnerability, please see the vulnerability advisory on the Play website:
http://www.playframework.com/security/vulnerability/20130911-XmlExternalEntity
This vulnerability has been fixed for all major stable versions of Play, and fixes can be downloaded here:
http://downloads.typesafe.com/play/2.1.4/play-2.1.4.zip
The Play team strongly recommends that all Play users upgrade to one of the above releases of Play. The changelogs for these versions can be found here:
http://www.playframework.com/changelog
For more details on this vulnerability, please see the vulnerability advisory on the Play website:
http://www.playframework.com/security/vulnerability/20130911-XmlExternalEntity
Reply all
Reply to author
Forward
0 new messages