You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@kafka.apache.org by cm...@apache.org on 2019/08/02 18:40:09 UTC

[kafka-site] 01/01: Fix missing close tag in cve-list.html

This is an automated email from the ASF dual-hosted git repository.

cmccabe pushed a commit to branch cve2
in repository https://gitbox.apache.org/repos/asf/kafka-site.git

commit 8b24d3fdc3699d9c27579ed7eeb0cae9c5cc9d86
Author: Colin P. Mccabe <cm...@confluent.io>
AuthorDate: Fri Aug 2 11:36:39 2019 -0700

    Fix missing close tag in cve-list.html
---
 cve-list.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cve-list.html b/cve-list.html
index a7bb658..5c797df 100644
--- a/cve-list.html
+++ b/cve-list.html
@@ -9,6 +9,7 @@
 This page lists all security vulnerabilities fixed in released versions of Apache Kafka.
 
 <h2><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17196">CVE-2018-17196</a>
+Authenticated clients with Write permission may bypass transaction/idempotent ACL validation</h2>
 <p>In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually
 craft a Produce request which bypasses transaction/idempotent ACL validation.
 Only authenticated clients with Write permission on the respective topics are