Is this something that requires our attention? -------- Original Message -------- Subject: JSF security issue Date: Wed, 09 Jun 2010 06:52:04 -0400 From: Chris Bredesen <[email protected]> To: [email protected]
Y'all see this yet? -------- Original Message -------- Subject: FYI: JSF Known Issue Date: Tue, 8 Jun 2010 11:35:41 -0400 From: Steve 'Ashcrow' Milner<[email protected]> To: Chris Bredesen<[email protected]> http://www.theregister.co.uk/2010/06/08/padding_oracle_attack_tool/ "The researchers tested the attack in JavaServer Faces implemented into the Apache webserver, as well as Sun's Mojarra. They said many other implementations are also likely to be vulnerable." -- kthxbye! Steve 'Ashcrow' Milner Agent of Infosec RHCE: https://www.redhat.com/training/certification/verify/?certno=805009277242449 ITIL Foundation: c.721843 IRC: ashcrow GnuPG ID: 28DFD4BE -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GCS/IT/MU/O d-- s:+> a- C+++$ UBL+++$ P++@ L+++$>++++ !E--> W+++$ !N- !o K--? !w-- !O- M- !V- PS PE+ Y+ PGP+++ t+ !5 !X R tv+ b+>++ DI+ !D- G e h !r>+++ y? ------END GEEK CODE BLOCK------ "In the heat of conversation I may have said certain things I believe to be untrue. The alleged lie that you might have heard me saying allegedly moments ago ... that's a parasite that lives in my neck." -- Tad Ghostal
Attached Message Part
Description: PGP signature
_______________________________________________ seam-dev mailing list [email protected] https://lists.jboss.org/mailman/listinfo/seam-dev
