Two new versions of the Apache XML Security for Java project have been
released and are available for
download. These releases contain a fix for a critical security advisory
CVE-2013-2172, which involves an XML Signature spoofing attack. Thanks to James Forshaw for reporting the vulnerability to the Apache Santuario project.
No comments:
Post a Comment