release-notes/1.7.3.html - axis-site - Git at Google

 <!DOCTYPE html>
 <!--
  | Generated by Apache Maven Doxia Site Renderer 1.11.1 at 2022-07-14
  | Rendered using Apache Maven Fluido Skin 1.6
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <meta name="Date-Revision-yyyymmdd" content="20220714" />
     <meta http-equiv="Content-Language" content="en" />
     <title>Apache Axis2 &#x2013; Apache Axis2 1.7.3 Release Note</title>
     <link rel="stylesheet" href="../css/apache-maven-fluido-1.6.min.css" />
     <link rel="stylesheet" href="../css/site.css" />
     <link rel="stylesheet" href="../css/print.css" media="print" />
       <script type="text/javascript" src="../js/apache-maven-fluido-1.6.min.js"></script>
       </head>
     <body class="topBarDisabled">
       <div class="container-fluid">
       <div id="banner">
         <div class="pull-left"><a href="http://www.apache.org/" id="bannerLeft"><img src="http://www.apache.org/images/asf_logo_wide.png"  alt="Apache Axis2"/></a></div>
         <div class="pull-right"><a href=".././" id="bannerRight"><img src="../images/axis.jpg" /></a></div>
         <div class="clear"><hr/></div>
       </div>

       <div id="breadcrumbs">
         <ul class="breadcrumb">
         <li id="publishDate">Last Published: 2022-07-14<span class="divider">|</span>
 </li>
           <li id="projectVersion">Version: 1.8.2<span class="divider">|</span></li>
         <li class=""><a href="http://www.apache.org" class="externalLink" title="Apache">Apache</a><span class="divider">/</span></li>
       <li class=""><a href="../index.html" title="Axis2/Java">Axis2/Java</a><span class="divider">/</span></li>
     <li class="active ">Apache Axis2 1.7.3 Release Note</li>
         </ul>
       </div>
       <div class="row-fluid">
         <div id="leftColumn" class="span2">
           <div class="well sidebar-nav">
 <ul class="nav nav-list">
           <li class="nav-header">Axis2/Java</li>
     <li><a href="../index.html" title="Home"><span class="none"></span>Home</a>  </li>
     <li><a href="../download.html" title="Downloads"><span class="none"></span>Downloads</a>  </li>
     <li><a href="javascript:void(0)" title="Release Notes"><span class="icon-chevron-down"></span>Release Notes</a>
       <ul class="nav nav-list">
     <li><a href="../release-notes/1.6.1.html" title="1.6.1"><span class="none"></span>1.6.1</a>  </li>
     <li><a href="../release-notes/1.6.2.html" title="1.6.2"><span class="none"></span>1.6.2</a>  </li>
     <li><a href="../release-notes/1.6.3.html" title="1.6.3"><span class="none"></span>1.6.3</a>  </li>
     <li><a href="../release-notes/1.6.4.html" title="1.6.4"><span class="none"></span>1.6.4</a>  </li>
     <li><a href="../release-notes/1.7.0.html" title="1.7.0"><span class="none"></span>1.7.0</a>  </li>
     <li><a href="../release-notes/1.7.1.html" title="1.7.1"><span class="none"></span>1.7.1</a>  </li>
     <li><a href="../release-notes/1.7.2.html" title="1.7.2"><span class="none"></span>1.7.2</a>  </li>
     <li class="active"><a href="#"><span class="none"></span>1.7.3</a>
   </li>
     <li><a href="../release-notes/1.7.4.html" title="1.7.4"><span class="none"></span>1.7.4</a>  </li>
     <li><a href="../release-notes/1.7.5.html" title="1.7.5"><span class="none"></span>1.7.5</a>  </li>
     <li><a href="../release-notes/1.7.6.html" title="1.7.6"><span class="none"></span>1.7.6</a>  </li>
     <li><a href="../release-notes/1.7.7.html" title="1.7.7"><span class="none"></span>1.7.7</a>  </li>
     <li><a href="../release-notes/1.7.8.html" title="1.7.8"><span class="none"></span>1.7.8</a>  </li>
     <li><a href="../release-notes/1.7.9.html" title="1.7.9"><span class="none"></span>1.7.9</a>  </li>
     <li><a href="../release-notes/1.8.0.html" title="1.8.0"><span class="none"></span>1.8.0</a>  </li>
       </ul>
   </li>
     <li><a href="../modules/index.html" title="Modules"><span class="none"></span>Modules</a>  </li>
     <li><a href="../tools/index.html" title="Tools"><span class="none"></span>Tools</a>  </li>
           <li class="nav-header">Documentation</li>
     <li><a href="../docs/toc.html" title="Table of Contents"><span class="none"></span>Table of Contents</a>  </li>
     <li><a href="../docs/installationguide.html" title="Installation Guide"><span class="none"></span>Installation Guide</a>  </li>
     <li><a href="../docs/quickstartguide.html" title="QuickStart Guide"><span class="none"></span>QuickStart Guide</a>  </li>
     <li><a href="../docs/userguide.html" title="User Guide"><span class="none"></span>User Guide</a>  </li>
     <li><a href="../docs/jaxws-guide.html" title="JAXWS Guide"><span class="none"></span>JAXWS Guide</a>  </li>
     <li><a href="../docs/pojoguide.html" title="POJO Guide"><span class="none"></span>POJO Guide</a>  </li>
     <li><a href="../docs/spring.html" title="Spring Guide"><span class="none"></span>Spring Guide</a>  </li>
     <li><a href="../docs/webadminguide.html" title="Web Administrator's Guide"><span class="none"></span>Web Administrator's Guide</a>  </li>
     <li><a href="../docs/migration.html" title="Migration Guide (from Axis1)"><span class="none"></span>Migration Guide (from Axis1)</a>  </li>
           <li class="nav-header">Resources</li>
     <li><a href="../faq.html" title="FAQ"><span class="none"></span>FAQ</a>  </li>
     <li><a href="../articles.html" title="Articles"><span class="none"></span>Articles</a>  </li>
     <li><a href="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink" title="Wiki"><span class="none"></span>Wiki</a>  </li>
     <li><a href="../refLib.html" title="Reference Library"><span class="none"></span>Reference Library</a>  </li>
     <li><a href="../apidocs/index.html" title="Online Java Docs"><span class="none"></span>Online Java Docs</a>  </li>
           <li class="nav-header">Get Involved</li>
     <li><a href="../overview.html" title="Overview"><span class="none"></span>Overview</a>  </li>
     <li><a href="../git.html" title="Checkout the Source"><span class="none"></span>Checkout the Source</a>  </li>
     <li><a href="../mail-lists.html" title="Mailing Lists"><span class="none"></span>Mailing Lists</a>  </li>
     <li><a href="../release-process.html" title="Release Process"><span class="none"></span>Release Process</a>  </li>
     <li><a href="../guidelines.html" title="Developer Guidelines"><span class="none"></span>Developer Guidelines</a>  </li>
     <li><a href="../siteHowTo.html" title="Build the Site"><span class="none"></span>Build the Site</a>  </li>
           <li class="nav-header">Project Information</li>
     <li><a href="../team-list.html" title="Project Team"><span class="none"></span>Project Team</a>  </li>
     <li><a href="../issue-tracking.html" title="Issue Tracking"><span class="none"></span>Issue Tracking</a>  </li>
     <li><a href="http://svn.apache.org/viewvc/axis/axis2/java/core/trunk/" class="externalLink" title="Source Code"><span class="none"></span>Source Code</a>  </li>
     <li><a href="../thanks.html" title="Acknowledgements"><span class="none"></span>Acknowledgements</a>  </li>
           <li class="nav-header">Apache</li>
     <li><a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink" title="License"><span class="none"></span>License</a>  </li>
     <li><a href="http://www.apache.org/foundation/sponsorship.html" class="externalLink" title="Sponsorship"><span class="none"></span>Sponsorship</a>  </li>
     <li><a href="http://www.apache.org/foundation/thanks.html" class="externalLink" title="Thanks"><span class="none"></span>Thanks</a>  </li>
     <li><a href="http://www.apache.org/security/" class="externalLink" title="Security"><span class="none"></span>Security</a>  </li>
   </ul>
           <hr />
           <div id="poweredBy">
               <div class="clear"></div>
               <div class="clear"></div>
               <div class="clear"></div>
               <div class="clear"></div>
   <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"><img class="builtBy" alt="Built by Maven" src="../images/logos/maven-feather.png" /></a>
               </div>
           </div>
         </div>
         <div id="bodyColumn"  class="span10" >
 <section>
 <h2><a name="Apache_Axis2_1.7.3_Release_Note"></a>Apache Axis2 1.7.3 Release Note</h2>
 <p>Apache Axis2 1.7.3 is a security release that contains a fix for <a class="externalLink" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3981">CVE-2010-3981</a>. That security
 vulnerability affects the admin console that is part of the Axis2 Web application and was originally
 reported for SAP BusinessObjects (which includes a version of Axis2). That report didn't mention
 Axis2 at all and the Axis2 project only recently became aware (thanks to Devesh Bhatt and Nishant
 Agarwala) that the issue affects Apache Axis2 as well.</p>
 <p>The admin console now has a CSRF prevention mechanism and all known XSS vulnerabilities as well as
 two non-security bugs in the admin console (<a class="externalLink" href="https://issues.apache.org/jira/browse/AXIS2-4764">AXIS2-4764</a> and <a class="externalLink" href="https://issues.apache.org/jira/browse/AXIS2-5716">AXIS2-5716</a>) have been fixed.
 Users of the Axis2 WAR distribution are encouraged to upgrade to 1.7.3 to take advantage of these
 improvements.</p>
 <p>This release also fixes a regression in the HTTP client code that is triggered by the presence of
 certain types of cookies in HTTP responses (see <a class="externalLink" href="https://issues.apache.org/jira/browse/AXIS2-5772">AXIS2-5772</a>).</p></section>
         </div>
       </div>
     </div>
     <hr/>
     <footer>
       <div class="container-fluid">
         <div class="row-fluid">
             <p>Copyright &copy;2004&#x2013;2022
 <a href="https://www.apache.org/">The Apache Software Foundation</a>.
 All rights reserved.</p>
         </div>
         </div>
     </footer>
     </body>
 </html>
	<!DOCTYPE html>
	<!--
	\| Generated by Apache Maven Doxia Site Renderer 1.11.1 at 2022-07-14
	\| Rendered using Apache Maven Fluido Skin 1.6
	-->
	<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
	<head>
	<meta charset="UTF-8" />
	<meta name="viewport" content="width=device-width, initial-scale=1.0" />
	<meta name="Date-Revision-yyyymmdd" content="20220714" />
	<meta http-equiv="Content-Language" content="en" />
	<title>Apache Axis2 – Apache Axis2 1.7.3 Release Note</title>
	<link rel="stylesheet" href="../css/apache-maven-fluido-1.6.min.css" />
	<link rel="stylesheet" href="../css/site.css" />
	<link rel="stylesheet" href="../css/print.css" media="print" />
	<script type="text/javascript" src="../js/apache-maven-fluido-1.6.min.js"></script>
	</head>
	<body class="topBarDisabled">
	<div class="container-fluid">
	<div id="banner">
	<div class="pull-left"><a href="http://www.apache.org/" id="bannerLeft"><img src="http://www.apache.org/images/asf_logo_wide.png" alt="Apache Axis2"/></a></div>
	<div class="pull-right"><a href=".././" id="bannerRight"><img src="../images/axis.jpg" /></a></div>
	<div class="clear"><hr/></div>
	</div>

	<div id="breadcrumbs">
	<ul class="breadcrumb">
	<li id="publishDate">Last Published: 2022-07-14<span class="divider">\|</span>
	</li>
	<li id="projectVersion">Version: 1.8.2<span class="divider">\|</span></li>
	<li class=""><a href="http://www.apache.org" class="externalLink" title="Apache">Apache</a><span class="divider">/</span></li>
	<li class=""><a href="../index.html" title="Axis2/Java">Axis2/Java</a><span class="divider">/</span></li>
	<li class="active ">Apache Axis2 1.7.3 Release Note</li>
	</ul>
	</div>
	<div class="row-fluid">
	<div id="leftColumn" class="span2">
	<div class="well sidebar-nav">
	<ul class="nav nav-list">
	<li class="nav-header">Axis2/Java</li>
	<li><a href="../index.html" title="Home"><span class="none"></span>Home</a> </li>
	<li><a href="../download.html" title="Downloads"><span class="none"></span>Downloads</a> </li>
	<li><a href="javascript:void(0)" title="Release Notes"><span class="icon-chevron-down"></span>Release Notes</a>
	<ul class="nav nav-list">
	<li><a href="../release-notes/1.6.1.html" title="1.6.1"><span class="none"></span>1.6.1</a> </li>
	<li><a href="../release-notes/1.6.2.html" title="1.6.2"><span class="none"></span>1.6.2</a> </li>
	<li><a href="../release-notes/1.6.3.html" title="1.6.3"><span class="none"></span>1.6.3</a> </li>
	<li><a href="../release-notes/1.6.4.html" title="1.6.4"><span class="none"></span>1.6.4</a> </li>
	<li><a href="../release-notes/1.7.0.html" title="1.7.0"><span class="none"></span>1.7.0</a> </li>
	<li><a href="../release-notes/1.7.1.html" title="1.7.1"><span class="none"></span>1.7.1</a> </li>
	<li><a href="../release-notes/1.7.2.html" title="1.7.2"><span class="none"></span>1.7.2</a> </li>
	<li class="active"><a href="#"><span class="none"></span>1.7.3</a>
	</li>
	<li><a href="../release-notes/1.7.4.html" title="1.7.4"><span class="none"></span>1.7.4</a> </li>
	<li><a href="../release-notes/1.7.5.html" title="1.7.5"><span class="none"></span>1.7.5</a> </li>
	<li><a href="../release-notes/1.7.6.html" title="1.7.6"><span class="none"></span>1.7.6</a> </li>
	<li><a href="../release-notes/1.7.7.html" title="1.7.7"><span class="none"></span>1.7.7</a> </li>
	<li><a href="../release-notes/1.7.8.html" title="1.7.8"><span class="none"></span>1.7.8</a> </li>
	<li><a href="../release-notes/1.7.9.html" title="1.7.9"><span class="none"></span>1.7.9</a> </li>
	<li><a href="../release-notes/1.8.0.html" title="1.8.0"><span class="none"></span>1.8.0</a> </li>
	</ul>
	</li>
	<li><a href="../modules/index.html" title="Modules"><span class="none"></span>Modules</a> </li>
	<li><a href="../tools/index.html" title="Tools"><span class="none"></span>Tools</a> </li>
	<li class="nav-header">Documentation</li>
	<li><a href="../docs/toc.html" title="Table of Contents"><span class="none"></span>Table of Contents</a> </li>
	<li><a href="../docs/installationguide.html" title="Installation Guide"><span class="none"></span>Installation Guide</a> </li>
	<li><a href="../docs/quickstartguide.html" title="QuickStart Guide"><span class="none"></span>QuickStart Guide</a> </li>
	<li><a href="../docs/userguide.html" title="User Guide"><span class="none"></span>User Guide</a> </li>
	<li><a href="../docs/jaxws-guide.html" title="JAXWS Guide"><span class="none"></span>JAXWS Guide</a> </li>
	<li><a href="../docs/pojoguide.html" title="POJO Guide"><span class="none"></span>POJO Guide</a> </li>
	<li><a href="../docs/spring.html" title="Spring Guide"><span class="none"></span>Spring Guide</a> </li>
	<li><a href="../docs/webadminguide.html" title="Web Administrator's Guide"><span class="none"></span>Web Administrator's Guide</a> </li>
	<li><a href="../docs/migration.html" title="Migration Guide (from Axis1)"><span class="none"></span>Migration Guide (from Axis1)</a> </li>
	<li class="nav-header">Resources</li>
	<li><a href="../faq.html" title="FAQ"><span class="none"></span>FAQ</a> </li>
	<li><a href="../articles.html" title="Articles"><span class="none"></span>Articles</a> </li>
	<li><a href="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink" title="Wiki"><span class="none"></span>Wiki</a> </li>
	<li><a href="../refLib.html" title="Reference Library"><span class="none"></span>Reference Library</a> </li>
	<li><a href="../apidocs/index.html" title="Online Java Docs"><span class="none"></span>Online Java Docs</a> </li>
	<li class="nav-header">Get Involved</li>
	<li><a href="../overview.html" title="Overview"><span class="none"></span>Overview</a> </li>
	<li><a href="../git.html" title="Checkout the Source"><span class="none"></span>Checkout the Source</a> </li>
	<li><a href="../mail-lists.html" title="Mailing Lists"><span class="none"></span>Mailing Lists</a> </li>
	<li><a href="../release-process.html" title="Release Process"><span class="none"></span>Release Process</a> </li>
	<li><a href="../guidelines.html" title="Developer Guidelines"><span class="none"></span>Developer Guidelines</a> </li>
	<li><a href="../siteHowTo.html" title="Build the Site"><span class="none"></span>Build the Site</a> </li>
	<li class="nav-header">Project Information</li>
	<li><a href="../team-list.html" title="Project Team"><span class="none"></span>Project Team</a> </li>
	<li><a href="../issue-tracking.html" title="Issue Tracking"><span class="none"></span>Issue Tracking</a> </li>
	<li><a href="http://svn.apache.org/viewvc/axis/axis2/java/core/trunk/" class="externalLink" title="Source Code"><span class="none"></span>Source Code</a> </li>
	<li><a href="../thanks.html" title="Acknowledgements"><span class="none"></span>Acknowledgements</a> </li>
	<li class="nav-header">Apache</li>
	<li><a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink" title="License"><span class="none"></span>License</a> </li>
	<li><a href="http://www.apache.org/foundation/sponsorship.html" class="externalLink" title="Sponsorship"><span class="none"></span>Sponsorship</a> </li>
	<li><a href="http://www.apache.org/foundation/thanks.html" class="externalLink" title="Thanks"><span class="none"></span>Thanks</a> </li>
	<li><a href="http://www.apache.org/security/" class="externalLink" title="Security"><span class="none"></span>Security</a> </li>
	</ul>
	<hr />
	<div id="poweredBy">
	<div class="clear"></div>
	<div class="clear"></div>
	<div class="clear"></div>
	<div class="clear"></div>
	<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"><img class="builtBy" alt="Built by Maven" src="../images/logos/maven-feather.png" /></a>
	</div>
	</div>
	</div>
	<div id="bodyColumn" class="span10" >
	<section>
	<h2><a name="Apache_Axis2_1.7.3_Release_Note"></a>Apache Axis2 1.7.3 Release Note</h2>
	<p>Apache Axis2 1.7.3 is a security release that contains a fix for <a class="externalLink" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3981">CVE-2010-3981</a>. That security
	vulnerability affects the admin console that is part of the Axis2 Web application and was originally
	reported for SAP BusinessObjects (which includes a version of Axis2). That report didn't mention
	Axis2 at all and the Axis2 project only recently became aware (thanks to Devesh Bhatt and Nishant
	Agarwala) that the issue affects Apache Axis2 as well.</p>
	<p>The admin console now has a CSRF prevention mechanism and all known XSS vulnerabilities as well as
	two non-security bugs in the admin console (<a class="externalLink" href="https://issues.apache.org/jira/browse/AXIS2-4764">AXIS2-4764</a> and <a class="externalLink" href="https://issues.apache.org/jira/browse/AXIS2-5716">AXIS2-5716</a>) have been fixed.
	Users of the Axis2 WAR distribution are encouraged to upgrade to 1.7.3 to take advantage of these
	improvements.</p>
	<p>This release also fixes a regression in the HTTP client code that is triggered by the presence of
	certain types of cookies in HTTP responses (see <a class="externalLink" href="https://issues.apache.org/jira/browse/AXIS2-5772">AXIS2-5772</a>).</p></section>
	</div>
	</div>
	</div>
	<hr/>
	<footer>
	<div class="container-fluid">
	<div class="row-fluid">
	<p>Copyright ©2004–2022
	<a href="https://www.apache.org/">The Apache Software Foundation</a>.
	All rights reserved.</p>
	</div>
	</div>
	</footer>
	</body>
	</html>