You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@syncope.apache.org by GitBox <gi...@apache.org> on 2021/05/26 16:11:22 UTC

[GitHub] [syncope] coheigea opened a new pull request #268: Disable CXF Services Listing

coheigea opened a new pull request #268:
URL: https://github.com/apache/syncope/pull/268


   As Syncope 2.1.x is stuck on CXF 3.2.x, it is vulnerable to:
   
   http://cxf.apache.org/security-advisories.data/CVE-2020-13954.txt.asc
   
   I confirmed with this PR you can no longer see the services page (http://localhost:9080/syncope/rest/services)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [syncope] ilgrosso commented on pull request #268: Disable CXF Services Listing

Posted by GitBox <gi...@apache.org>.

ilgrosso commented on pull request #268:
URL: https://github.com/apache/syncope/pull/268#issuecomment-848907146


   @coheigea when you disable service listing, does doc page still works, a.k.a. /syncope/ which output is similar to http://syncope.apache.org/rest/2.1/index.html ?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [syncope] ilgrosso merged pull request #268: Disable CXF Services Listing

Posted by GitBox <gi...@apache.org>.

ilgrosso merged pull request #268:
URL: https://github.com/apache/syncope/pull/268


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [syncope] coheigea commented on pull request #268: Disable CXF Services Listing

Posted by GitBox <gi...@apache.org>.

coheigea commented on pull request #268:
URL: https://github.com/apache/syncope/pull/268#issuecomment-848915752


   Yes, it does, as does the WADL, openapi + Swagger links.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org