[SECURITY] Fedora 21 Update: owasp-esapi-java-2.1.0-1.fc21
updates at fedoraproject.org
updates at fedoraproject.org
Wed Jan 14 23:57:44 UTC 2015
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-0322
2015-01-07 00:46:52
--------------------------------------------------------------------------------
Name : owasp-esapi-java
Product : Fedora 21
Version : 2.1.0
Release : 1.fc21
URL : http://code.google.com/p/owasp-esapi-java/
Summary : OWASP Enterprise Security API
Description :
OWASP ESAPI (The OWASP Enterprise Security API) is a free, open source,
web application security control library that makes it easier for programmers
to write lower-risk applications. The ESAPI for Java library is designed to
make it easier for programmers to retrofit security into existing applications.
ESAPI for Java also serves as a solid foundation for new development.
--------------------------------------------------------------------------------
Update Information:
Release 2.1.0.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 5 2015 Marek Goldmann <mgoldman at redhat.com> - 2.1.0-1
- Upgrade to 2.1.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1013589 - CVE-2013-5679 CVE-2013-5960 owasp-esapi-java: symmetric encryption MAC bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1013589
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update owasp-esapi-java' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list