You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by so...@apache.org on 2018/02/26 05:25:21 UTC
[openmeetings] branch 4.0.x updated: no jira: vulnerability
description is improved
This is an automated email from the ASF dual-hosted git repository.
solomax pushed a commit to branch 4.0.x
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/4.0.x by this push:
new 6c42e53 no jira: vulnerability description is improved
6c42e53 is described below
commit 6c42e532b7ce15d8d0fd547ba6fe3aa5242f56be
Author: Maxim Solodovnik <so...@gmail.com>
AuthorDate: Mon Feb 26 12:25:13 2018 +0700
no jira: vulnerability description is improved
---
openmeetings-server/src/site/xdoc/security.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/openmeetings-server/src/site/xdoc/security.xml b/openmeetings-server/src/site/xdoc/security.xml
index 2f9516b..be6fae8 100644
--- a/openmeetings-server/src/site/xdoc/security.xml
+++ b/openmeetings-server/src/site/xdoc/security.xml
@@ -53,7 +53,7 @@
<section name="CVE-2018-1286 - Apache OpenMeetings - Insufficient Access Controls">
<p>Severity: Medium</p>
<p>Vendor: The Apache Software Foundation</p>
- <p>Versions Affected: Apache OpenMeetings 3.0.0</p>
+ <p>Versions Affected: Apache OpenMeetings 3.0.0 - 4.0.1</p>
<p>Description: CRUD operations on privileged users are not password protected allowing an authenticated attacker
to deny service for privileged users.<br/>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1286">CVE-2018-1286</a>
--
To stop receiving notification emails like this one, please contact
solomax@apache.org.