ROSA Linux Bugzilla – Bug 3552
[UPDATE REQUEST] [UPSTREAM UPDATE] axis
Last modified: 2014-01-21 19:04:23 MSK
Apache Axis did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5784)
The Base repository is contain axis-1.2.1-7.3.res6.noarch.rpm,
please, rebuild the package with new build number.