Skip to content

ISPN-8624 Extend unmarshalling white list to GenericJBossMarshaller #5639

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jan 16, 2018

Conversation

galderz
Copy link
Member

@galderz galderz commented Dec 13, 2017

@ryanemerson ryanemerson added the pr/changes required Pull Request requires changes label Dec 22, 2017
@ryanemerson
Copy link
Contributor

ryanemerson commented Dec 22, 2017

@galderz There are multiple test failures related to the hotrod client

@galderz galderz force-pushed the t_8624 branch 3 times, most recently from 8fde788 to 12dd930 Compare January 9, 2018 14:01
@galderz galderz removed the pr/changes required Pull Request requires changes label Jan 9, 2018
@galderz
Copy link
Member Author

galderz commented Jan 9, 2018

Fixed compilation and failing tests.

@galderz galderz force-pushed the t_8624 branch 3 times, most recently from 2cd3209 to c888eef Compare January 11, 2018 14:20
* Add documentation entry to make sure any custom marshaller
  implementations implement white class name verification.
@tristantarrant tristantarrant merged commit 2944b0d into infinispan:master Jan 16, 2018
@tristantarrant
Copy link
Member

Merged, thanks

@shrimpsha
Copy link

@tristantarrant Can this MR solve the CVE issue"CVE-2017-15089", and if solved, then what's the fixed version? Infinispan 9.2.0.Final? Thanks!
The CVE link:https://nvd.nist.gov/vuln/detail/CVE-2017-15089#vulnDescriptionTitle

@tristantarrant
Copy link
Member

9.2.0.Final and 9.1.7.Final

@shrimpsha
Copy link

@tristantarrant Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants