Debian Bug report logs -
#885576
undertow: CVE-2017-7559: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)
Package:
src:undertow;
Maintainer for src:undertow is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, ...
Debian Bug report logs -
#860866
activemq: CVE-2015-7559: DoS in client via shutdown command
Package:
src:activemq;
Maintainer for src:activemq is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 21 Apr 2017 06:27:01 UTC
Severity: ...
Debian Bug report logs -
#885338
CVE-2017-12165
Package:
src:undertow;
Maintainer for src:undertow is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Tue, 26 Dec 2017 12:45:02 UTC
Severity: important
Tags: fixed-upstream, security
Forw ...
Synopsis
Moderate: Red Hat JBoss Fuse/A-MQ 63 R7 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerabilit ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 709 security update on RHEL 6
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 70 for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 709 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application PlatformRed Hat Product Security has rated this update as having a security impact of Important A Com ...
Synopsis
Important: eap7-jboss-ec2-eap security update
Type/Severity
Security Advisory: Important
Topic
An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 70 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 70 for Red Hat Ent ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 709 security update on RHEL 7
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 70 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 710 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 71 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 710 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 71 for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a ...
Synopsis
Important: eap7-jboss-ec2-eap security update
Type/Severity
Security Advisory: Important
Topic
An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 71 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 71 for Red Hat Ent ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 710 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application PlatformRed Hat Product Security has rated this update as having a security impact of Important A Com ...
It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response By manipulating the HTTP response the ...