You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cxf.apache.org by Colm O hEigeartaigh <co...@apache.org> on 2018/06/28 14:57:13 UTC

Apache CXF 3.2.6 and 3.1.16 are released

Apache CXF™ is an open source services framework. CXF helps you build and
develop services using frontend programming APIs, like JAX-WS and JAX-RS.
These services can speak a variety of protocols such as SOAP, XML/HTTP,
RESTful HTTP, or CORBA and work over a variety of transports such as HTTP,
JMS or JBI.

The Apache CXF team is proud to announce the release of versions 3.2.6 and
3.1.16. Over 50 JIRA issues were fixed for 3.2.5 and 25 JIRA items were
resolved for 3.1.16.

In addition, both of these releases contain a fix for a new security
advisory:

CVE-2018-8039: Apache CXF TLS hostname verification does not work correctly
with com.sun.net.ssl.

The advisory text is available at this location:
http://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2

Please also refer to the CXF security advisories page:
http://cxf.apache.org/security-advisories.html


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: Apache CXF 3.2.6 and 3.1.16 are released

Posted by Colm O hEigeartaigh <co...@apache.org>.

Yes it was a typo.

Colm.

On Mon, Jul 2, 2018 at 8:28 AM, David Karlsen <da...@gmail.com>
wrote:

> Should that read 3.2.5 instead of 3.2.6?
>
> Den tor. 28. jun. 2018 kl. 16:57 skrev Colm O hEigeartaigh <
> coheigea@apache.org>:
>
> > Apache CXF™ is an open source services framework. CXF helps you build and
> > develop services using frontend programming APIs, like JAX-WS and JAX-RS.
> > These services can speak a variety of protocols such as SOAP, XML/HTTP,
> > RESTful HTTP, or CORBA and work over a variety of transports such as
> HTTP,
> > JMS or JBI.
> >
> > The Apache CXF team is proud to announce the release of versions 3.2.6
> and
> > 3.1.16. Over 50 JIRA issues were fixed for 3.2.5 and 25 JIRA items were
> > resolved for 3.1.16.
> >
> > In addition, both of these releases contain a fix for a new security
> > advisory:
> >
> > CVE-2018-8039: Apache CXF TLS hostname verification does not work
> correctly
> > with com.sun.net.ssl.
> >
> > The advisory text is available at this location:
> >
> > http://cxf.apache.org/security-advisories.data/CVE-
> 2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2
> >
> > Please also refer to the CXF security advisories page:
> > http://cxf.apache.org/security-advisories.html
> >
> >
> > --
> > Colm O hEigeartaigh
> >
> > Talend Community Coder
> > http://coders.talend.com
> >
>
>
> --
> --
> David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: Apache CXF 3.2.6 and 3.1.16 are released

Posted by Colm O hEigeartaigh <co...@apache.org>.

Yes it was a typo.

Colm.

On Mon, Jul 2, 2018 at 8:28 AM, David Karlsen <da...@gmail.com>
wrote:

> Should that read 3.2.5 instead of 3.2.6?
>
> Den tor. 28. jun. 2018 kl. 16:57 skrev Colm O hEigeartaigh <
> coheigea@apache.org>:
>
> > Apache CXF™ is an open source services framework. CXF helps you build and
> > develop services using frontend programming APIs, like JAX-WS and JAX-RS.
> > These services can speak a variety of protocols such as SOAP, XML/HTTP,
> > RESTful HTTP, or CORBA and work over a variety of transports such as
> HTTP,
> > JMS or JBI.
> >
> > The Apache CXF team is proud to announce the release of versions 3.2.6
> and
> > 3.1.16. Over 50 JIRA issues were fixed for 3.2.5 and 25 JIRA items were
> > resolved for 3.1.16.
> >
> > In addition, both of these releases contain a fix for a new security
> > advisory:
> >
> > CVE-2018-8039: Apache CXF TLS hostname verification does not work
> correctly
> > with com.sun.net.ssl.
> >
> > The advisory text is available at this location:
> >
> > http://cxf.apache.org/security-advisories.data/CVE-
> 2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2
> >
> > Please also refer to the CXF security advisories page:
> > http://cxf.apache.org/security-advisories.html
> >
> >
> > --
> > Colm O hEigeartaigh
> >
> > Talend Community Coder
> > http://coders.talend.com
> >
>
>
> --
> --
> David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: Apache CXF 3.2.6 and 3.1.16 are released

Posted by David Karlsen <da...@gmail.com>.

Should that read 3.2.5 instead of 3.2.6?

Den tor. 28. jun. 2018 kl. 16:57 skrev Colm O hEigeartaigh <
coheigea@apache.org>:

> Apache CXF™ is an open source services framework. CXF helps you build and
> develop services using frontend programming APIs, like JAX-WS and JAX-RS.
> These services can speak a variety of protocols such as SOAP, XML/HTTP,
> RESTful HTTP, or CORBA and work over a variety of transports such as HTTP,
> JMS or JBI.
>
> The Apache CXF team is proud to announce the release of versions 3.2.6 and
> 3.1.16. Over 50 JIRA issues were fixed for 3.2.5 and 25 JIRA items were
> resolved for 3.1.16.
>
> In addition, both of these releases contain a fix for a new security
> advisory:
>
> CVE-2018-8039: Apache CXF TLS hostname verification does not work correctly
> with com.sun.net.ssl.
>
> The advisory text is available at this location:
>
> http://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2
>
> Please also refer to the CXF security advisories page:
> http://cxf.apache.org/security-advisories.html
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>


-- 
--
David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen

Re: Apache CXF 3.2.6 and 3.1.16 are released

Posted by David Karlsen <da...@gmail.com>.

Should that read 3.2.5 instead of 3.2.6?

Den tor. 28. jun. 2018 kl. 16:57 skrev Colm O hEigeartaigh <
coheigea@apache.org>:

> Apache CXF™ is an open source services framework. CXF helps you build and
> develop services using frontend programming APIs, like JAX-WS and JAX-RS.
> These services can speak a variety of protocols such as SOAP, XML/HTTP,
> RESTful HTTP, or CORBA and work over a variety of transports such as HTTP,
> JMS or JBI.
>
> The Apache CXF team is proud to announce the release of versions 3.2.6 and
> 3.1.16. Over 50 JIRA issues were fixed for 3.2.5 and 25 JIRA items were
> resolved for 3.1.16.
>
> In addition, both of these releases contain a fix for a new security
> advisory:
>
> CVE-2018-8039: Apache CXF TLS hostname verification does not work correctly
> with com.sun.net.ssl.
>
> The advisory text is available at this location:
>
> http://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2
>
> Please also refer to the CXF security advisories page:
> http://cxf.apache.org/security-advisories.html
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>


-- 
--
David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen