Hi,
we are upgrading our PrimeFaces 6.1 installation due to CVE-2017-1000486 vulnerability.
We think that the problem has been solved by this commit
https://github.com/primefaces/primeface ... e8772fd3d9
and already fixed in community 6.2 version.
Can you confirm that you think this version is not affected by CVE-2017-1000486 ?
Regards,
Gianluca
CVE-2017-1000486 on PrimeFaces 6.2 ?
-
tandraschko
- PrimeFaces Core Developer
- Posts: 3979
- Joined: 03 Dec 2010, 14:11
- Location: Bavaria, DE
- Contact:
Thomas Andraschko
PrimeFaces | PrimeFaces Extensions
Apache Member | OpenWebBeans, DeltaSpike, MyFaces, BVal, TomEE
Sponsor me: https://github.com/sponsors/tandraschko
Blog: http://tandraschko.blogspot.de/
Twitter: https://twitter.com/TAndraschko
PrimeFaces | PrimeFaces Extensions
Apache Member | OpenWebBeans, DeltaSpike, MyFaces, BVal, TomEE
Sponsor me: https://github.com/sponsors/tandraschko
Blog: http://tandraschko.blogspot.de/
Twitter: https://twitter.com/TAndraschko
-
- Information
-
Who is online
Users browsing this forum: No registered users and 59 guests