Age | Commit message (Collapse) | Author | Files | Lines |
|
Inlcude Spring 5.3.26 to fix CVE-2023-20859, CVE-2023-20861, CVE-2023-20860
|
|
supported by error template
|
|
exceptions too
|
|
|
|
- commons-fileupload to 1.5 to fix CVE-2023-24998
|
|
|
|
|
|
|
|
|
|
|
|
Details: openSAML4 uses org.apache.xml.security.algorithms.JCEMapper to
define JCE cryptoprovider for openSAML crypto. operations. However, this
JCEMapper is not used for openSAML Decrypter, so it must be set manually.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
be done by centrial error-handling
|
|
|
|
|
|
|
|
Reason: Exception messages are illustrated as UX errors
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
include commons-text-1.10.0 to fix CVE-2022-42889
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
validation on REST API's
|
|
|
|
|
|
wrote log messages on level 'debug' if no message property was found
|
|
|
|
pendingRequestId's
|
|
|
|
|
|
skipped
- SBA Pentest finds a pattern that skip security validation SBA(202209-10.2)
|
|
configurated
|