Apache WSS4J 2.0.3 and 1.6.18 have been released
. Both releases contain a number of fixes in relation to validating SAML tokens, as covered
earlier. In addition, Apache WSS4J 2.0.3 has unified security error messages to prevent some attacks (see here
for more information). Apache CXF 3.0.4 and 2.7.15 have also been released
, both of which pick up the recent WSS4J releases.
Post a Comment