Two new versions of the Apache XML Security for Java project have been released
and are available for download
. These releases contain a fix for a critical security advisory CVE-2013-2172
, which involves an XML Signature spoofing attack. Thanks to James Forshaw for reporting the vulnerability to the Apache Santuario project.
Post a Comment