——————————————————————————–
Fedora Update Notification
FEDORA-2017-16a7aa8e4f
2017-01-12 01:46:20.762240
——————————————————————————–

Name : springframework-security
Product : Fedora 25
Version : 3.2.10
Release : 1.fc25
URL : http://static.springsource.org/spring-security/site/index.html
Summary : Modular Java/J2EE application security framework
Description :
Spring Security is a Java/Java EE framework that provides advanced
authentication, authorization and other comprehensive security features for
enterprise applications. In addition to having a comprehensive list of
security functionality, Spring Security is very configurable and employs the
Spring Framework for configuration, it allows for reuse and portability of
security components, and it can also be used with non-Spring applications.

——————————————————————————–
Update Information:

update to 3.2.10.RELEASE, fix CVE-2016-9879
——————————————————————————–
References:

[ 1 ] Bug #1409838 – CVE-2016-9879 Spring Security: Improper handling of path parameters allows bypassing the security constraint
https://bugzilla.redhat.com/show_bug.cgi?id=1409838
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade springframework-security’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org