(RHSA-2016:0321) Moderate: Red Hat JBoss Fuse 6.2.1 update

Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint,
flexible, open source enterprise service bus and integration platform.

This patch is an update to Red Hat JBoss Fuse 6.2.1. It includes several
bug fixes, which are documented in the readme.txt file included with the
patch files.

The following security issue is addressed in this release:

It was found that Apache CXF permitted wrapping attacks in its support for
SAML SSO. A malicious user could construct a SAML response that would
bypass the login screen and possibly gain access to restricted information
or resources. (CVE-2015-5253)

Refer to the readme.txt file included with the patch files for
installation instructions.

All users of Red Hat JBoss Fuse 6.2.1 as provided from the Red Hat Customer
Portal are advised to apply this update.