You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by so...@apache.org on 2018/02/26 05:25:36 UTC
[openmeetings] branch master updated: no jira: vulnerability
description is improved
This is an automated email from the ASF dual-hosted git repository.
solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/master by this push:
new f5610a4 no jira: vulnerability description is improved
f5610a4 is described below
commit f5610a443a071f6f975cd8f2f512ca7168fc6f65
Author: Maxim Solodovnik <so...@gmail.com>
AuthorDate: Mon Feb 26 12:25:13 2018 +0700
no jira: vulnerability description is improved
---
openmeetings-server/src/site/xdoc/security.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/openmeetings-server/src/site/xdoc/security.xml b/openmeetings-server/src/site/xdoc/security.xml
index 2f9516b..be6fae8 100644
--- a/openmeetings-server/src/site/xdoc/security.xml
+++ b/openmeetings-server/src/site/xdoc/security.xml
@@ -53,7 +53,7 @@
<section name="CVE-2018-1286 - Apache OpenMeetings - Insufficient Access Controls">
<p>Severity: Medium</p>
<p>Vendor: The Apache Software Foundation</p>
- <p>Versions Affected: Apache OpenMeetings 3.0.0</p>
+ <p>Versions Affected: Apache OpenMeetings 3.0.0 - 4.0.1</p>
<p>Description: CRUD operations on privileged users are not password protected allowing an authenticated attacker
to deny service for privileged users.<br/>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1286">CVE-2018-1286</a>
--
To stop receiving notification emails like this one, please contact
solomax@apache.org.