[WSS-707] Update Santuario to fix CVE-2023-44483 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.2, 2.4.3, 2.3.5, 4.0.0
Component/s: None
Labels:
None

Description

Versions 4.0.0, 3.0.3, 2.3.4 and 2.2.6 of the Apache XML Security for Java library have been released. A security advisory has been fixed in these releases:

CVE-2023-44483: Apache Santuario: Private Key disclosure in debug-log output

Attachments

Issue Links

links to

GitHub Pull Request #221

GitHub Pull Request #222

GitHub Pull Request #223

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Colm O hEigeartaigh

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 24/Oct/23 03:08

Updated:: 01/Nov/23 07:17

Resolved:: 24/Oct/23 05:18