CVE-2017-1000486 on PrimeFaces 6.2 ?

UI Components for JSF
Post Reply
gallog
Posts: 1
Joined: 05 Dec 2018, 19:48

05 Dec 2018, 19:58

Hi,
we are upgrading our PrimeFaces 6.1 installation due to CVE-2017-1000486 vulnerability.
We think that the problem has been solved by this commit
https://github.com/primefaces/primeface ... e8772fd3d9
and already fixed in community 6.2 version.

Can you confirm that you think this version is not affected by CVE-2017-1000486 ?

Regards,
Gianluca

tandraschko
PrimeFaces Core Developer
Posts: 3645
Joined: 03 Dec 2010, 14:11
Location: Bavaria, DE
Contact:

06 Dec 2018, 10:20

Thomas Andraschko

PrimeFaces | PrimeFaces Extensions

Apache Member | OpenWebBeans, DeltaSpike, MyFaces, BVal, TomEE

Sponsor me: https://github.com/sponsors/tandraschko
Blog: http://tandraschko.blogspot.de/
Twitter: https://twitter.com/TAndraschko

Post Reply

Return to “PrimeFaces”

  • Information
  • Who is online

    Users browsing this forum: No registered users and 6 guests