Mageia 2021-0039: resteasy security update
Summary
A flaw was found in Resteasy, where an improper input validation results in
returning an illegal header that integrates into the server's response. This
flaw may result in an injection, which leads to unexpected behavior when the
HTTP response is constructed (CVE-2020-1695).
References
- https://bugs.mageia.org/show_bug.cgi?id=27794
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IJDMT443YZWCBS5NS76XZ7TL3GK7BXHL/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1695
Resolution
MGASA-2021-0039 - Updated resteasy packages fix a security vulnerability
SRPMS
- 7/core/resteasy-3.0.26-2.mga7