[ubuntu/bionic-updates] libxstream-java 1.4.11.1-1~18.04.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Jan 28 20:28:13 UTC 2021
libxstream-java (1.4.11.1-1~18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: Command Injection Vulnerability
- debian/patches/CVE-2020-26217.patch: New predefined blacklist avoids
vulnerability due to improper setup and update security vulnerability
test to test default.
- debian/patches/CVE-2020-26259.patch: Fix arbitrary File Deletion on the
local host.
- CVE-2020-26217
- CVE-2020-26259
* SECURITY UPDATE: Server-Side Request Forgery Vulnerability
- debian/patches/CVE-2020-26258.patch: Fix access data streams from an
arbitrary URL.
- CVE-2020-26258
* Add a new maven rule to fix FTBFS.
- debian/maven.ignoreRules: Add com.sun.xml.ws jaxws-rt.
Date: 2021-01-28 14:58:15.955799+00:00
Changed-By: Paulo Flabiano Smorigo <pfsmorigo at canonical.com>
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/libxstream-java/1.4.11.1-1~18.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list