From 634917ecc8e3d8046cae12cdc7017441843323db Mon Sep 17 00:00:00 2001
From: Bernd Eckenfels <ecki@apache.org>
Date: Fri, 11 Dec 2015 11:39:08 +0000
Subject: [PATCH] security-report: added CVE-2015-7501 (Red Hat) to
 de-serialisaton references

git-svn-id: https://svn.apache.org/repos/asf/commons/proper/collections/trunk@1719350 13f79535-47bb-0310-9956-ffa450edef68
---
 src/site/xdoc/security-reports.xml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/site/xdoc/security-reports.xml b/src/site/xdoc/security-reports.xml
index 6c63d8c2e..db213761f 100644
--- a/src/site/xdoc/security-reports.xml
+++ b/src/site/xdoc/security-reports.xml
@@ -91,6 +91,9 @@
           <ol>
             <li>Vulnerability Report for Oracle Weblogic Server:
                 <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4852">CVE-2015-4852</a></li>
+            <li>Vulnerability Report for Red Hat JBoss products:
+                <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501">CVE-2015-7501</a>
+                (<a href="https://access.redhat.com/security/cve/cve-2015-7501">Red Hat Portal</a>)</li>
             <li>Apache Commons
                 <a href="https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread">statement</a>
                 to widespread Java object de-serialisation vulnerability</li>