You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@geronimo.apache.org by "Murthy, Avaneesh (Avaneesh)" <am...@avaya.com> on 2012/04/23 12:59:32 UTC

CVE-2011-5034 Vulnerablity query

Hi,

 

I was wondering if you have any suggestions on how to deal with the
vulnerability by changing configuration on the web server.

 

CVE-2011-5034 "Hash values for form parameters computed without
restricting hash collisions causing a denial of service"
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5034

 

Or is there a fix planned in the coming releases of Apache Geronimo jars
?

 

Avaneesh

Re: CVE-2011-5034 Vulnerablity query

Posted by Tina Li <li...@gmail.com>.

Hi,
Please take this jira as a reference:
 https://issues.apache.org/jira/browse/GERONIMO-6339

-----
Thanks!
Tina Li

--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/CVE-2011-5034-Vulnerablity-query-tp3932734p3976179.html
Sent from the Users mailing list archive at Nabble.com.