THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- CVE-2017-7661: The Apache CXF Fediz Jetty and Spring plugins are vulnerable to CSRF attacks.
- CVE-2017-7662: The Apache CXF Fediz OIDC Client Registration Service is vulnerable to CSRF attacks.
Please upgrade to the latest releases as soon as possible.
April 28, 2017 - Apache CXF Fediz 1.4.0, 1.3.2 and 1.2.4 released
...
For more information and to download the new releases, please go here.
September 8, 2016 - A new security advisory for Apache CXF Fediz is released
A security issue was fixed in the latest Fediz releases (1.3.1 + 1.2.3):
- CVE-2016-4464: Apache CXF Fediz application plugins do not match the SAML AudienceRestriction values against the list of configured audience URIs
Please upgrade to the latest releases as soon as possible.
Features
The following features are supported by Fediz 1.2
...