kafka-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cmcc...@apache.org
Subject [kafka-site] 01/01: Fix missing close tag in cve-list.html
Date Fri, 02 Aug 2019 18:40:09 GMT
This is an automated email from the ASF dual-hosted git repository.

cmccabe pushed a commit to branch cve2
in repository https://gitbox.apache.org/repos/asf/kafka-site.git

commit 8b24d3fdc3699d9c27579ed7eeb0cae9c5cc9d86
Author: Colin P. Mccabe <cmccabe@confluent.io>
AuthorDate: Fri Aug 2 11:36:39 2019 -0700

    Fix missing close tag in cve-list.html
---
 cve-list.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cve-list.html b/cve-list.html
index a7bb658..5c797df 100644
--- a/cve-list.html
+++ b/cve-list.html
@@ -9,6 +9,7 @@
 This page lists all security vulnerabilities fixed in released versions of Apache Kafka.
 
 <h2><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17196">CVE-2018-17196</a>
+Authenticated clients with Write permission may bypass transaction/idempotent ACL validation</h2>
 <p>In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually
 craft a Produce request which bypasses transaction/idempotent ACL validation.
 Only authenticated clients with Write permission on the respective topics are


Mime
View raw message