Vista Combinata Vista Piatta Vista ad Albero
Discussioni [ Precedente | Successivo ]
James Falkner
Security Advisory: Multiple Advisories for Liferay Portal 6.1 CE GA2
23 ottobre 2012 9.45

James Falkner

Community Moderator

Punteggio: Liferay Legend

Messaggi: 1406

Data di Iscrizione: 17 settembre 2010

Messaggi recenti

The following security advisories have been announced for Liferay Portal 6.1 CE GA2 (6.1.1):
  • CST-SA: LPS-30093 Organization administrators can change an omni-admin's password
  • CST-SA: LPS-29338 XSS in group membership requests
  • CST-SA: LPS-29148 Private announcements can be viewed through announcement edit
  • CST-SA: LPS-29061 created by setupwizard even when different user specified
  • CST-SA: LPS-30586 Able to delete any user by created URL

A source patch for each vulnerability is now available through the Known Vulnerabilities page. In addition, a cumulative source and binary patch are available. Please see the Security Patch Information page for details on how to apply these patches.

Liferay Portal CE users are strongly advised to keep abreast of all new security advisories and apply associated fixes to your Liferay deployments.

Participate in the State of Liferay Community 2017. Help the community and even win some prizes!