CVE-2017-1000486 on PrimeFaces 6.2 ?

UI Components for JSF
Post Reply
gallog
Posts: 1
Joined: 05 Dec 2018, 19:48

05 Dec 2018, 19:58

Hi,
we are upgrading our PrimeFaces 6.1 installation due to CVE-2017-1000486 vulnerability.
We think that the problem has been solved by this commit
https://github.com/primefaces/primeface ... e8772fd3d9
and already fixed in community 6.2 version.

Can you confirm that you think this version is not affected by CVE-2017-1000486 ?

Regards,
Gianluca

tandraschko
PrimeFaces Core Developer
Posts: 3509
Joined: 03 Dec 2010, 14:11
Location: Bavaria, DE
Contact:

06 Dec 2018, 10:20

Always Bet On Prime (+ Extensions)!

Thomas Andraschko
PrimeFaces Developer | PrimeFaces Extensions Founder
Apache OpenWebBeans PMC | Apache DeltaSpike PMC | Apache MyFaces PMC

Personal Blog: http://tandraschko.blogspot.de/

Post Reply

Return to “PrimeFaces”

  • Information
  • Who is online

    Users browsing this forum: Bing [Bot] and 16 guests