Hello, I added a second CVE to the de-serialisation security-report for ACC, I dont have the infrastrcuture handy to push the site, can somebody do that, please?
Gruss Bernd URL: http://svn.apache.org/viewvc?rev=1719350&view=rev Log: security-report: added CVE-2015-7501 (Red Hat) to de-serialisaton references Modified: commons/proper/collections/trunk/src/site/xdoc/security-reports.xml Modified: commons/proper/collections/trunk/src/site/xdoc/security-reports.xml URL: http://svn.apache.org/viewvc/commons/proper/collections/trunk/src/site/xdoc/security-reports.xml?rev=1719350&r1=1719349&r2=1719350&view=diff ============================================================================== --- commons/proper/collections/trunk/src/site/xdoc/security-reports.xml (original) +++ commons/proper/collections/trunk/src/site/xdoc/security-reports.xml Fri Dec 11 11:39:08 2015 @@ -91,6 +91,9 @@ <ol> <li>Vulnerability Report for Oracle Weblogic Server: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4852";>CVE-2015-4852</a></li> + <li>Vulnerability Report for Red Hat JBoss products: + <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501";>CVE-2015-7501</a> + (<a href="https://access.redhat.com/security/cve/cve-2015-7501";>Red Hat Portal</a>)</li> <li>Apache Commons <a href="https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread";>statement</a> to widespread Java object de-serialisation vulnerability</li> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
