----BEGIN PGP SIGNED MESSAGE----
Hash: SHA1

An XML Encryption backwards compatibility attack on Apache CXF is described by
CVE-2012-5575:

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5575

This attack relates to a previous security advisory CVE-2011-1096
(http://cxf.apache.org/note-on-cve-2011-1096.html). CVE-2011-1096 exploited a
cryptographic weakness in the CBC mode of XML Encryption, to conduct chosen
ciphertext attacks leading to the recovery of the entire plaintext. The fix
for CVE-2011-1096 was to switch to use GCM instead of CBC. Please see the note
linked above for more information.

CVE-2012-5575 resurrects the previous attack by relying on the fact that
Apache CXF will attempt to decrypt arbitrary ciphertexts, without first
checking to see if the algorithm corresponds to the given encryption algorithm
defined by the WS-SecurityPolicy AlgorithmSuite definition.

Migration:

Any version of CXF that uses Apache WSS4J 1.6.7 or below is vulnerable to this
attack. In other words, any version of CXF below 2.5.7, 2.6.4, or 2.7.1.
However due to separate security advisories, we urge CXF users to upgrade to
one of the latest releases as follows:

CXF 2.5.x users should upgrade to CXF 2.5.10.
CXF 2.6.x users should upgrade to CXF 2.6.7.
CXF 2.7.x users should upgrade to CXF 2.7.4.

----BEGIN PGP SIGNATURE----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBAgAGBQJRaC0LAAoJEGe/gLEK1TmDwSoIALmJm+8ke1Yrcq/QycOElEA4
JC37j2VxUS7BM9qshojLAN9VWMeuRVpSVkeTPSv4wJaVl/pRKOedOt1x4JHon8sD
0jF7H2K0GyzXHDoeh3NVcEtnhRNsizD0wBzqCfoXt8wuHxlq3BAJAcMbNiLenNk1
5RarIUeaq7yQLtCf/s99sj643iZgk95x8/ccUUBFmdt4rC695rsC/fRqkM3+IcU4
pZpnffMCe5Y0sfUi/54gIiaZ1VoddpFt8NwzkP6AhcQdjLrq/Qoi2gw5wKSkjtQq
Jy/D+vifVW95xf+UkCeGl0evozorIx+LZoN6jGHiakv9TxoJ2zE0d69x+wGzFsU=
=0gnx
----END PGP SIGNATURE----