Author: buildbot
Date: Wed Feb 8 16:20:04 2017
New Revision: 1006413
Log:
Production update by buildbot for camel
Modified:
websites/production/camel/content/cache/main.pageCache
websites/production/camel/content/security-advisories.html
Modified: websites/production/camel/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/camel/content/security-advisories.html
==============================================================================
--- websites/production/camel/content/security-advisories.html (original)
+++ websites/production/camel/content/security-advisories.html Wed Feb 8
16:20:04 2017
@@ -75,7 +75,7 @@
<tbody>
<tr>
<td valign="top" width="100%">
-<div class="wiki-content maincontent"><h3
id="SecurityAdvisories-2017">2017</h3><ul><li><p><a shape="rect"
href="security-advisories.data/CVE-2017-3159.txt.asc?version=1&modificationDate=1486565167000&api=v2"
data-linked-resource-id="67641933" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-3159.txt.asc"
data-linked-resource-content-type="application/pgp-encrypted"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="12">CVE-2017-3159</a> - Apache Camel's
Snakeyaml unmarshalling operation is vulnerable to Remote Code Execution
attacks</p></li></ul><h3 id="SecurityAdvisories-2016">2016</h3><ul><li><p><a
shape="rect"
href="security-advisories.data/CVE-2016-8749.txt.asc?version=2&modificationDate=1486565034000&api=v2"
data-linked-resource-id="67641927" data-linked-resource-version="2"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2016-874
9.txt.asc" data-linked-resource-content-type="application/pgp-encrypted"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="12">CVE-2016-8749</a> - Apache
Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote
Code Execution attacks</p></li></ul><h3
id="SecurityAdvisories-2015">2015</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2015-5344.txt.asc?version=1&modificationDate=1454056803000&api=v2"
data-linked-resource-id="61338184" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-5344.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="12">CVE-2015-5344</a> - Apache
Camel's XStream usage is vulnerable to Remote Code Execution
attacks.</li><li><a shape="rect" href="security-advisories.data/CVE-2015-5348.t
xt.asc?version=1&modificationDate=1450340845000&api=v2"
data-linked-resource-id="61333112" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-5348.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="12">CVE-2015-5348</a> - Apache Camel's
Jetty/Servlet usage is vulnerable to Java object de-serialisation
vulnerability.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-0264.txt.asc?version=1&modificationDate=1426539191000&api=v2"
data-linked-resource-id="54165590" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-0264.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="12">CVE-2015-0264</a> - The X
Path handling in Apache Camel for invalid XML Strings or invalid XML
GenericFile objects allows remote attackers to read arbitrary files via an XML
External Entity (XXE) declaration. The XML External Entity (XXE) will be
resolved before the Exception is thrown.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-0263.txt.asc?version=1&modificationDate=1426539178000&api=v2"
data-linked-resource-id="54165589" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-0263.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="12">CVE-2015-0263</a> - The XML
converter setup in Apache Camel allows remote attackers to read arbitrary files
via an SAXSource containing an XML External Entity (XXE)
declaration.</li></ul><h3 id="SecurityAdvisories-2014">2014</h3><ul><li><a
shape="rect" href="security-advi
sories.data/CVE-2014-0003.txt.asc?version=1&modificationDate=1393615582000&api=v2"
data-linked-resource-id="40009835" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2014-0003.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="12">CVE-2014-0003</a> - The Apache
Camel XSLT component allows XSL stylesheets to perform calls to external Java
methods.</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0002.txt.asc?version=1&modificationDate=1393615569000&api=v2"
data-linked-resource-id="40009834" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2014-0002.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="
12">CVE-2014-0002</a> - The Apache Camel XSLT component will resolve entities
in XML messages when transforming them using an xslt route.</li></ul><h3
id="SecurityAdvisories-2013">2013</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2013-4330.txt.asc?version=1&modificationDate=1380633919000&api=v2"
data-linked-resource-id="35192841" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2013-4330.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="12">CVE-2013-4330</a> - Writing files
using FILE or FTP components, can potentially be exploited by a malicious
user.</li></ul><p> </p></div>
+<div class="wiki-content maincontent"><h3
id="SecurityAdvisories-2017">2017</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2017-3159.txt.asc?version=1&modificationDate=1486565167000&api=v2"
data-linked-resource-id="67641933" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2017-3159.txt.asc"
data-linked-resource-content-type="application/pgp-encrypted"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="13">CVE-2017-3159</a> - Apache
Camel's Snakeyaml unmarshalling operation is vulnerable to Remote Code
Execution attacks</li></ul><h3 id="SecurityAdvisories-2016">2016</h3><ul><li><a
shape="rect"
href="security-advisories.data/CVE-2016-8749.txt.asc?version=2&modificationDate=1486565034000&api=v2"
data-linked-resource-id="67641927" data-linked-resource-version="2"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2016-874
9.txt.asc" data-linked-resource-content-type="application/pgp-encrypted"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="13">CVE-2016-8749</a> - Apache
Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to
Remote Code Execution attacks</li></ul><h3
id="SecurityAdvisories-2015">2015</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2015-5344.txt.asc?version=1&modificationDate=1454056803000&api=v2"
data-linked-resource-id="61338184" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-5344.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="13">CVE-2015-5344</a> - Apache
Camel's XStream usage is vulnerable to Remote Code Execution
attacks.</li><li><a shape="rect" href="security-advisories.data/CVE-2015-5348.
txt.asc?version=1&modificationDate=1450340845000&api=v2"
data-linked-resource-id="61333112" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-5348.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="13">CVE-2015-5348</a> - Apache Camel's
Jetty/Servlet usage is vulnerable to Java object de-serialisation
vulnerability.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-0264.txt.asc?version=1&modificationDate=1426539191000&api=v2"
data-linked-resource-id="54165590" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-0264.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="13">CVE-2015-0264</a> - The
XPath handling in Apache Camel for invalid XML Strings or invalid XML
GenericFile objects allows remote attackers to read arbitrary files via an XML
External Entity (XXE) declaration. The XML External Entity (XXE) will be
resolved before the Exception is thrown.</li><li><a shape="rect"
href="security-advisories.data/CVE-2015-0263.txt.asc?version=1&modificationDate=1426539178000&api=v2"
data-linked-resource-id="54165589" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2015-0263.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="13">CVE-2015-0263</a> - The XML
converter setup in Apache Camel allows remote attackers to read arbitrary files
via an SAXSource containing an XML External Entity (XXE)
declaration.</li></ul><h3 id="SecurityAdvisories-2014">2014</h3><ul><li><a
shape="rect" href="security-adv
isories.data/CVE-2014-0003.txt.asc?version=1&modificationDate=1393615582000&api=v2"
data-linked-resource-id="40009835" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2014-0003.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="13">CVE-2014-0003</a> - The Apache
Camel XSLT component allows XSL stylesheets to perform calls to external Java
methods.</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0002.txt.asc?version=1&modificationDate=1393615569000&api=v2"
data-linked-resource-id="40009834" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2014-0002.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version=
"13">CVE-2014-0002</a> - The Apache Camel XSLT component will resolve entities
in XML messages when transforming them using an xslt route.</li></ul><h3
id="SecurityAdvisories-2013">2013</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2013-4330.txt.asc?version=1&modificationDate=1380633919000&api=v2"
data-linked-resource-id="35192841" data-linked-resource-version="1"
data-linked-resource-type="attachment"
data-linked-resource-default-alias="CVE-2013-4330.txt.asc" data-nice-type="Text
File" data-linked-resource-content-type="text/plain"
data-linked-resource-container-id="34833933"
data-linked-resource-container-version="13">CVE-2013-4330</a> - Writing files
using FILE or FTP components, can potentially be exploited by a malicious
user.</li></ul><p> </p></div>
</td>
<td valign="top">
<div class="navigation">
