Your submission was sent successfully! Close

USN-5525-1: Apache XML Security for Java vulnerability

20 July 2022

Apache XML Security for Java could be made to expose sensitive information.

Releases

Packages

Details

It was discovered that Apache XML Security for Java incorrectly passed a
configuration property when creating specific key elements. This allows an
attacker to abuse an XPath Transform to extract sensitive information.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04
Ubuntu 18.04

In general, a standard system update will make all the necessary changes.

References