https://answers.axonivy.com/tags/security/?type=rss&user=SupportIvyTeamquestions tagged <span class="tag">security</span>enFri, 17 Aug 2018 04:03:38 -0400https://answers.axonivy.com/questions/3402/failed-to-generate-random-number-within-10-seconds<p>Failed to generate random number within 10 seconds. This could slow down the JSF runtime dramatically. Please consider installing a secure random provider for 'SHA1PRNG'!</p>SupportIvyTeamFri, 17 Aug 2018 04:03:38 -0400https://answers.axonivy.com/questions/3402/failed-to-generate-random-number-within-10-secondsenginesecurityrandomhttps://answers.axonivy.com/questions/2880/is-ivy-affected-by-the-newly-found-apache-tomcat-rce-vulnerabilities-cve-2017-12615-and-cve-2017-12617<p>Two Remote code execution (RCE) security vulnerabilities affecting all versions of Apache Tomcat have been found last week.</p> <p><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12615">CVE-2017-12615 (RCE when readonly set to false, affects Tomcat &lt; 7.0.81 on Windows)</a></p> <p><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617">CVE-2017-12617 (RCE when readonly set to false, affects all Tomcat versions on all Operating systems)</a></p> <p>Is ivy affected by the newly found Apache Tomcat RCE vulnerabilities (CVE-2017-12615 and CVE-2017-12617) ?</p>SupportIvyTeamMon, 25 Sep 2017 03:53:51 -0400https://answers.axonivy.com/questions/2880/is-ivy-affected-by-the-newly-found-apache-tomcat-rce-vulnerabilities-cve-2017-12615-and-cve-2017-12617security