svn commit: r1020879 - in /websites/production/camel/content: ./ cache/ security-advisories.data/

buildbot Wed, 15 Nov 2017 01:27:51 -0800

Author: buildbot
Date: Wed Nov 15 09:27:20 2017
New Revision: 1020879

Log:
Production update by buildbot for camel


Added:
    websites/production/camel/content/cache/main.pageCache   (with props)
    
websites/production/camel/content/security-advisories.data/CVE-2017-12633.txt.asc
    
websites/production/camel/content/security-advisories.data/CVE-2017-12634.txt.asc
Modified:
    websites/production/camel/content/book-in-one-page.html
    websites/production/camel/content/book-tutorials.html
    websites/production/camel/content/security-advisories.html
    websites/production/camel/content/siteindex.html

Modified: websites/production/camel/content/book-in-one-page.html
==============================================================================
--- websites/production/camel/content/book-in-one-page.html (original)
+++ websites/production/camel/content/book-in-one-page.html Wed Nov 15 09:27:20 
2017
@@ -4368,11 +4368,11 @@ So we completed the last piece in the pi
 <p>This example has been removed from <strong>Camel 2.9</strong> onwards. 
Apache Axis 1.4 is a very old and unsupported framework. We encourage users to 
use <a shape="rect" href="cxf.html">CXF</a> instead of Axis.</p></div></div>
 
 <style type="text/css">/*<![CDATA[*/
-div.rbtoc1510647655372 {padding: 0px;}
-div.rbtoc1510647655372 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1510647655372 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1510737634360 {padding: 0px;}
+div.rbtoc1510737634360 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1510737634360 li {margin-left: 0px;padding-left: 0px;}
 
-/*]]>*/</style><div class="toc-macro rbtoc1510647655372">
+/*]]>*/</style><div class="toc-macro rbtoc1510737634360">
 <ul class="toc-indentation"><li><a shape="rect" 
href="#BookInOnePage-TutorialusingAxis1.4withApacheCamel">Tutorial using Axis 
1.4 with Apache Camel</a>
 <ul class="toc-indentation"><li><a shape="rect" 
href="#BookInOnePage-Prerequisites">Prerequisites</a></li><li><a shape="rect" 
href="#BookInOnePage-Distribution">Distribution</a></li><li><a shape="rect" 
href="#BookInOnePage-Introduction">Introduction</a></li><li><a shape="rect" 
href="#BookInOnePage-SettinguptheprojecttorunAxis">Setting up the project to 
run Axis</a>
 <ul class="toc-indentation"><li><a shape="rect" 
href="#BookInOnePage-Maven2">Maven 2</a></li><li><a shape="rect" 
href="#BookInOnePage-wsdl">wsdl</a></li><li><a shape="rect" 
href="#BookInOnePage-ConfiguringAxis">Configuring Axis</a></li><li><a 
shape="rect" href="#BookInOnePage-RunningtheExample">Running the 
Example</a></li></ul>

Modified: websites/production/camel/content/book-tutorials.html
==============================================================================
--- websites/production/camel/content/book-tutorials.html (original)
+++ websites/production/camel/content/book-tutorials.html Wed Nov 15 09:27:20 
2017
@@ -1996,11 +1996,11 @@ So we completed the last piece in the pi
 <p>This example has been removed from <strong>Camel 2.9</strong> onwards. 
Apache Axis 1.4 is a very old and unsupported framework. We encourage users to 
use <a shape="rect" href="cxf.html">CXF</a> instead of Axis.</p></div></div>
 
 <style type="text/css">/*<![CDATA[*/
-div.rbtoc1510647946300 {padding: 0px;}
-div.rbtoc1510647946300 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1510647946300 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1510737841192 {padding: 0px;}
+div.rbtoc1510737841192 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1510737841192 li {margin-left: 0px;padding-left: 0px;}
 
-/*]]>*/</style><div class="toc-macro rbtoc1510647946300">
+/*]]>*/</style><div class="toc-macro rbtoc1510737841192">
 <ul class="toc-indentation"><li><a shape="rect" 
href="#BookTutorials-TutorialusingAxis1.4withApacheCamel">Tutorial using Axis 
1.4 with Apache Camel</a>
 <ul class="toc-indentation"><li><a shape="rect" 
href="#BookTutorials-Prerequisites">Prerequisites</a></li><li><a shape="rect" 
href="#BookTutorials-Distribution">Distribution</a></li><li><a shape="rect" 
href="#BookTutorials-Introduction">Introduction</a></li><li><a shape="rect" 
href="#BookTutorials-SettinguptheprojecttorunAxis">Setting up the project to 
run Axis</a>
 <ul class="toc-indentation"><li><a shape="rect" 
href="#BookTutorials-Maven2">Maven 2</a></li><li><a shape="rect" 
href="#BookTutorials-wsdl">wsdl</a></li><li><a shape="rect" 
href="#BookTutorials-ConfiguringAxis">Configuring Axis</a></li><li><a 
shape="rect" href="#BookTutorials-RunningtheExample">Running the 
Example</a></li></ul>

Added: websites/production/camel/content/cache/main.pageCache
==============================================================================
Binary file - no diff available.

Propchange: websites/production/camel/content/cache/main.pageCache
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: 
websites/production/camel/content/security-advisories.data/CVE-2017-12633.txt.asc
==============================================================================
--- 
websites/production/camel/content/security-advisories.data/CVE-2017-12633.txt.asc
 (added)
+++ 
websites/production/camel/content/security-advisories.data/CVE-2017-12633.txt.asc
 Wed Nov 15 09:27:20 2017
@@ -0,0 +1,33 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+CVE-2017-12633: Apache Camel's Hessian unmarshalling operation is vulnerable
+to Remote Code Execution attacks
+
+Severity: MEDIUM
+
+Vendor: The Apache Software Foundation
+
+Versions Affected: Camel 2.19.0 to 2.19.3 and Camel 2.20.0
+The unsupported Camel 2.x (2.18 and earlier) versions may be also affected.
+
+Description: Apache Camel's camel-hessian component is vulnerable to Java 
object
+de-serialisation vulnerability. De-serializing untrusted data can lead to 
security flaws.
+
+Mitigation: 2.19.x users should upgrade to 2.19.4, 2.20.0 users should upgrade 
to 2.20.1. 
+
+The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-11923
+refers to the various commits that resovoled the issue, and have more details.
+
+Credit: This issue was discovered by Moritz Bechler from AgNO3 GmbH & Co.
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+iQEcBAEBAgAGBQJaC/hCAAoJEONOnzgC/0EANYoH/3L/EMwTMeF/bHw+rHN6TYEf
+vS6fYmpG9zygJt0yIA+yHqgidxKdtPHpoOnBhCw/pQsoiEpDTe75eiilTE6j5U1d
+DDtHri3Im45WEL28BeHfb5Eme2ccVj055pYgPnQpGTN2cO5+rkykWdU/obfk44Rr
+01b8a+i0nM+LJ9N6Tw8n1wQMvfwNYQTHdK1RVXYbm2JedjJYHGBgqgjEZOfrCQ1r
+QNqSr9U0hkt0CdYgxGIY2WJi/AIHwLbOuYH3u+m02WJgw2abJRRabLNMiQCz93IF
+k9FZBUTf2I45FPpT/Y5FC5+HgKzW40vTCRAcuZlpwdq9Kv8nF3DFcsPVxBSM9ok=
+=knWB
+-----END PGP SIGNATURE-----

Added: 
websites/production/camel/content/security-advisories.data/CVE-2017-12634.txt.asc
==============================================================================
--- 
websites/production/camel/content/security-advisories.data/CVE-2017-12634.txt.asc
 (added)
+++ 
websites/production/camel/content/security-advisories.data/CVE-2017-12634.txt.asc
 Wed Nov 15 09:27:20 2017
@@ -0,0 +1,33 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+CVE-2017-12634: Apache Camel's Castor unmarshalling operation is vulnerable
+to Remote Code Execution attacks
+
+Severity: MEDIUM
+
+Vendor: The Apache Software Foundation
+
+Versions Affected: Camel 2.19.0 to 2.19.3 and Camel 2.20.0
+The unsupported Camel 2.x (2.18 and earlier) versions may be also affected.
+
+Description: Apache Camel's camel-castor component is vulnerable to Java object
+de-serialisation vulnerability. De-serializing untrusted data can lead to 
security flaws.
+
+Mitigation: 2.19.x users should upgrade to 2.19.4, 2.20.0 users should upgrade 
to 2.20.1. 
+
+The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-11929
+refers to the various commits that resovoled the issue, and have more details.
+
+Credit: This issue was discovered by Man Yue Mo <mmo at semmle dot com> from 
Semmle/lgtm.com.
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+iQEcBAEBAgAGBQJaC/hNAAoJEONOnzgC/0EAjcgH/0pwXq7bn9HTnKJOswZ64QWA
+7yhFD2UASVaV3jZJnl/gavlHeLXqGdi+jBs2INxveNF9MWdSacRfi6aO+4scYZDw
+18Ra+nH2FVeIeO3VhrI0WQTTK9TNByLmiZ3Rn0v2eH06XV7Oc3MR5JsdEHBR3YCx
+T6TLqGB8QD/fXICmr5ztLeIVAWMFhThNVHiNX281cOtiyZrWWNHGfJAKTPEVz+nL
+/EiNn7M2o/8NGWNVr1rC+yBAGxoMrSd7eyNoMC7kd42uF+rpJWzi/QE8we6wQrDO
+3hhzUJsmAHv+Ap/97gp/Z+plDvysDREj3YnFMUFrJkJeBVqeg5c8XJGTiwMCN+k=
+=Cb8h
+-----END PGP SIGNATURE-----

Modified: websites/production/camel/content/security-advisories.html
==============================================================================
--- websites/production/camel/content/security-advisories.html (original)
+++ websites/production/camel/content/security-advisories.html Wed Nov 15 
09:27:20 2017
@@ -75,7 +75,7 @@
        <tbody>
         <tr>
         <td valign="top" width="100%">
-<div class="wiki-content maincontent"><h3 
id="SecurityAdvisories-2017">2017</h3><ul><li><a shape="rect" 
href="security-advisories.data/CVE-2017-5643.txt.asc?version=1&amp;modificationDate=1489652454000&amp;api=v2"
 data-linked-resource-id="68719271" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2017-5643.txt.asc" 
data-linked-resource-content-type="application/pgp-encrypted" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2017-5643</a>&#160;-&#160;Apache
 Camel's Validation Component is vulnerable against SSRF via remote DTDs and 
XXE</li><li><a shape="rect" 
href="security-advisories.data/CVE-2017-3159.txt.asc?version=1&amp;modificationDate=1486565167000&amp;api=v2"
 data-linked-resource-id="67641933" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2017-3159.txt.asc" 
data-linked-resource-content-type="application/pg
 p-encrypted" data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2017-3159</a>&#160;-&#160;Apache
 Camel's Snakeyaml unmarshalling operation is vulnerable to Remote Code 
Execution attacks</li></ul><h3 id="SecurityAdvisories-2016">2016</h3><ul><li><a 
shape="rect" 
href="security-advisories.data/CVE-2016-8749.txt.asc?version=2&amp;modificationDate=1486565034000&amp;api=v2"
 data-linked-resource-id="67641927" data-linked-resource-version="2" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2016-8749.txt.asc" 
data-linked-resource-content-type="application/pgp-encrypted" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2016-8749</a>&#160;-&#160;Apache
 Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to 
Remote Code Execution attacks</li></ul><h3 
id="SecurityAdvisories-2015">2015</h3><ul><li><a shape="rect" 
href="security-advisories.data/CVE-2015-5344.txt.asc
 ?version=1&amp;modificationDate=1454056803000&amp;api=v2" 
data-linked-resource-id="61338184" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2015-5344.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2015-5344</a>&#160;-&#160;Apache
 Camel's XStream usage is vulnerable&#160;to Remote Code Execution 
attacks.</li><li><a shape="rect" 
href="security-advisories.data/CVE-2015-5348.txt.asc?version=1&amp;modificationDate=1450340845000&amp;api=v2"
 data-linked-resource-id="61333112" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2015-5348.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2015-5348</a> - Apache Camel's 
 Jetty/Servlet usage is vulnerable to Java object de-serialisation 
vulnerability.</li><li><a shape="rect" 
href="security-advisories.data/CVE-2015-0264.txt.asc?version=1&amp;modificationDate=1426539191000&amp;api=v2"
 data-linked-resource-id="54165590" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2015-0264.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2015-0264</a> - The XPath 
handling in Apache Camel for invalid XML Strings or invalid XML GenericFile 
objects allows remote attackers to read arbitrary files via an XML External 
Entity (XXE) declaration. The XML External Entity (XXE) will be resolved before 
the Exception is thrown.</li><li><a shape="rect" 
href="security-advisories.data/CVE-2015-0263.txt.asc?version=1&amp;modificationDate=1426539178000&amp;api=v2"
 data-linked-resource-id="5416558
 9" data-linked-resource-version="1" data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2015-0263.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2015-0263</a> - The XML 
converter setup in Apache Camel allows remote attackers to read arbitrary files 
via an SAXSource containing an XML External Entity (XXE) 
declaration.</li></ul><h3 id="SecurityAdvisories-2014">2014</h3><ul><li><a 
shape="rect" 
href="security-advisories.data/CVE-2014-0003.txt.asc?version=1&amp;modificationDate=1393615582000&amp;api=v2"
 data-linked-resource-id="40009835" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2014-0003.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2014
 -0003</a> - The Apache Camel XSLT component allows XSL stylesheets to perform 
calls to external Java methods.</li><li><a shape="rect" 
href="security-advisories.data/CVE-2014-0002.txt.asc?version=1&amp;modificationDate=1393615569000&amp;api=v2"
 data-linked-resource-id="40009834" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2014-0002.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2014-0002</a> - The Apache 
Camel XSLT component will resolve entities in XML messages when transforming 
them using an xslt route.</li></ul><h3 
id="SecurityAdvisories-2013">2013</h3><ul><li><a shape="rect" 
href="security-advisories.data/CVE-2013-4330.txt.asc?version=1&amp;modificationDate=1380633919000&amp;api=v2"
 data-linked-resource-id="35192841" data-linked-resource-version="1" 
data-linked-resource-type="attachment
 " data-linked-resource-default-alias="CVE-2013-4330.txt.asc" 
data-nice-type="Text File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="14">CVE-2013-4330</a> - Writing files 
using FILE or FTP components, can potentially be exploited by a malicious 
user.</li></ul><p>&#160;</p></div>
+<div class="wiki-content maincontent"><h3 
id="SecurityAdvisories-2017">2017</h3><ul><li><a shape="rect" 
href="security-advisories.data/CVE-2017-12634.txt.asc?version=1&amp;modificationDate=1510733922204&amp;api=v2"
 data-linked-resource-id="74687198" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2017-12634.txt.asc" 
data-nice-type="Text File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2017-12634</a>&#160;- Apache 
Camel's Castor unmarshalling operation is vulnerable to Remote Code Execution 
attacks</li><li><a shape="rect" 
href="security-advisories.data/CVE-2017-12633.txt.asc?version=1&amp;modificationDate=1510733921549&amp;api=v2"
 data-linked-resource-id="74687197" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2017-12633.txt.asc" 
data-nice-type="Text File" data
 -linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2017-12633</a>&#160;- Apache 
Camel's Hessian unmarshalling operation is vulnerable to Remote Code Execution 
attacks</li><li><a shape="rect" 
href="security-advisories.data/CVE-2017-5643.txt.asc?version=1&amp;modificationDate=1489652454000&amp;api=v2"
 data-linked-resource-id="68719271" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2017-5643.txt.asc" 
data-linked-resource-content-type="application/pgp-encrypted" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2017-5643</a>&#160;-&#160;Apache
 Camel's Validation Component is vulnerable against SSRF via remote DTDs and 
XXE</li><li><a shape="rect" 
href="security-advisories.data/CVE-2017-3159.txt.asc?version=1&amp;modificationDate=1486565167000&amp;api=v2"
 data-linked-resource-id="67641933" data-lin
 ked-resource-version="1" data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2017-3159.txt.asc" 
data-linked-resource-content-type="application/pgp-encrypted" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2017-3159</a>&#160;-&#160;Apache
 Camel's Snakeyaml unmarshalling operation is vulnerable to Remote Code 
Execution attacks</li></ul><h3 id="SecurityAdvisories-2016">2016</h3><ul><li><a 
shape="rect" 
href="security-advisories.data/CVE-2016-8749.txt.asc?version=2&amp;modificationDate=1486565034000&amp;api=v2"
 data-linked-resource-id="67641927" data-linked-resource-version="2" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2016-8749.txt.asc" 
data-linked-resource-content-type="application/pgp-encrypted" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2016-8749</a>&#160;-&#160;Apache
 Camel's Jackson and JacksonXML unmarshalling operation are
  vulnerable to Remote Code Execution attacks</li></ul><h3 
id="SecurityAdvisories-2015">2015</h3><ul><li><a shape="rect" 
href="security-advisories.data/CVE-2015-5344.txt.asc?version=1&amp;modificationDate=1454056803000&amp;api=v2"
 data-linked-resource-id="61338184" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2015-5344.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2015-5344</a>&#160;-&#160;Apache
 Camel's XStream usage is vulnerable&#160;to Remote Code Execution 
attacks.</li><li><a shape="rect" 
href="security-advisories.data/CVE-2015-5348.txt.asc?version=1&amp;modificationDate=1450340845000&amp;api=v2"
 data-linked-resource-id="61333112" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2015-5348.txt.asc" data-nice-type="Text 
File"
  data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2015-5348</a> - Apache Camel's 
Jetty/Servlet usage is vulnerable to Java object de-serialisation 
vulnerability.</li><li><a shape="rect" 
href="security-advisories.data/CVE-2015-0264.txt.asc?version=1&amp;modificationDate=1426539191000&amp;api=v2"
 data-linked-resource-id="54165590" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2015-0264.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2015-0264</a> - The XPath 
handling in Apache Camel for invalid XML Strings or invalid XML GenericFile 
objects allows remote attackers to read arbitrary files via an XML External 
Entity (XXE) declaration. The XML External Entity (XXE) will be resolved before 
the Exception is th
 rown.</li><li><a shape="rect" 
href="security-advisories.data/CVE-2015-0263.txt.asc?version=1&amp;modificationDate=1426539178000&amp;api=v2"
 data-linked-resource-id="54165589" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2015-0263.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2015-0263</a> - The XML 
converter setup in Apache Camel allows remote attackers to read arbitrary files 
via an SAXSource containing an XML External Entity (XXE) 
declaration.</li></ul><h3 id="SecurityAdvisories-2014">2014</h3><ul><li><a 
shape="rect" 
href="security-advisories.data/CVE-2014-0003.txt.asc?version=1&amp;modificationDate=1393615582000&amp;api=v2"
 data-linked-resource-id="40009835" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2014-0003.txt.asc"
  data-nice-type="Text File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2014-0003</a> - The Apache 
Camel XSLT component allows XSL stylesheets to perform calls to external Java 
methods.</li><li><a shape="rect" 
href="security-advisories.data/CVE-2014-0002.txt.asc?version=1&amp;modificationDate=1393615569000&amp;api=v2"
 data-linked-resource-id="40009834" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2014-0002.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2014-0002</a> - The Apache 
Camel XSLT component will resolve entities in XML messages when transforming 
them using an xslt route.</li></ul><h3 
id="SecurityAdvisories-2013">2013</h3><ul><li><a shape="rect" 
href="security-advisories.data/CVE-2013-433
 0.txt.asc?version=1&amp;modificationDate=1380633919000&amp;api=v2" 
data-linked-resource-id="35192841" data-linked-resource-version="1" 
data-linked-resource-type="attachment" 
data-linked-resource-default-alias="CVE-2013-4330.txt.asc" data-nice-type="Text 
File" data-linked-resource-content-type="text/plain" 
data-linked-resource-container-id="34833933" 
data-linked-resource-container-version="15">CVE-2013-4330</a> - Writing files 
using FILE or FTP components, can potentially be exploited by a malicious 
user.</li></ul><p>&#160;</p></div>
         </td>
         <td valign="top">
           <div class="navigation">

Modified: websites/production/camel/content/siteindex.html
==============================================================================
--- websites/production/camel/content/siteindex.html (original)
+++ websites/production/camel/content/siteindex.html Wed Nov 15 09:27:20 2017
@@ -2226,7 +2226,7 @@
              <div class="smalltext" style="margin: 0 0 0 36px">Security Camel 
offers several forms &amp; levels of security capabilities that can be utilized 
on camel routes. These various forms of security may be used in conjunction 
with each other or separately. The broad categories offered are Route Security 
- Authent</div>
                              <span class="icon aui-icon aui-icon-small 
aui-iconfont-page-default" title="Page">Page:</span>                 <a 
shape="rect" href="security-advisories.html">Security Advisories</a>
         <br clear="none">
-             <div class="smalltext" style="margin: 0 0 0 36px">2017 
CVE-2017-5643 - Apache Camel's Validation Component is vulnerable against SSRF 
via remote DTDs and XXE CVE-2017-3159 - Apache Camel's Snakeyaml unmarshalling 
operation is vulnerable to Remote Code Execution attacks 2016 CVE-2016-8749 - 
Apache Camel's</div>
+             <div class="smalltext" style="margin: 0 0 0 36px">2017 
CVE-2017-12634 - Apache Camel's Castor unmarshalling operation is vulnerable to 
Remote Code Execution attacks CVE-2017-12633 - Apache Camel's Hessian 
unmarshalling operation is vulnerable to Remote Code Execution attacks 
CVE-2017-5643 - Apache Camel'</div>
                              <span class="icon aui-icon aui-icon-small 
aui-iconfont-page-default" title="Page">Page:</span>                 <a 
shape="rect" href="seda.html">SEDA</a>
         <br clear="none">
              <div class="smalltext" style="margin: 0 0 0 36px">SEDA Component 
The seda: component provides asynchronous SEDA 
https://en.wikipedia.org/wiki/Staged_event-driven_architecture behavior, so 
that messages are exchanged on a BlockingQueue and consumers are invoked in a 
separate thread from the producer. http</div>

svn commit: r1020879 - in /websites/production/camel/content: ./ cache/ security-advisories.data/

Reply via email to