Security update for jakarta-taglibs-standard
jakarta-taglibs-standard was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-0254: Apache Standard Taglibs before 1.2.3 allowed remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension (bsc#920813).
-
Submitted by
Tomáš Chvátal (scarabeus_iv)
Fixed bugs
bnc#920813
VUL-0: CVE-2015-0254: jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags
