Tue, 03 Apr 2018 08:54:00 +0000
CST-7040 Denial of service vulnerability when using Xuggler
When Xuggler is enabled for video conversion, a large number of temporary files may be created during video playback, which allows remote users to cause a denial of service (DoS) vulnerability (disk consumption).
Disable integration with Xuggler
There is no patch available for Liferay Portal 7.0 CE GA5. Instead, users should upgrade to Liferay Portal 7.0 CE GA6 (7.0.5) or later to fix this issue.