Apache Directory LDAP API version 1.0.0-M31 fixes an unspecified timing attack vulnerability. External References: http://directory.apache.org/api/#news
Created apacheds-ldap-client tracking bugs for this issue: Affects: fedora-all [bug 1241165]
(In reply to Vasyl Kaigorodov from comment #1) > Created apacheds-ldap-client tracking bugs for this issue: > > Affects: fedora-all [bug 1241165] NOT upgradable use org.osgi:org.osgi.core:6.0.0 (not free) because use OSGi Specification License This package does have a license (http://www.osgi.org/Main/OSGiSpecificationLicense) that is not allowed in Fedora because it forbids modifications. http://fedoraproject.org/wiki/Licensing#Bad_Licenses If is available a patch i glad to apply
Maybe is only for the 1.0.0 series? I haven't found any documentation which include the package available in our repos.
Seem affected only the 1.0.0 releases http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCAG8=FRj5sL+J6YUJqY95uBJN=vxtS=rWfngAfHk4k2vyShadHw@mail.gmail.com%3E i close rhbz#1241165 , if there aren't objections