[ubuntu/eoan-security] ant 1.10.6-1ubuntu0.1 (Accepted)
Mike Salvatore
mike.salvatore at canonical.com
Mon Jun 1 19:51:05 UTC 2020
ant (1.10.6-1ubuntu0.1) eoan-security; urgency=medium
* SECURITY UPDATE: Information leak, Code injection
- debian/patches/CVE-2020-1945-1.patch: provide a magic property that
overrides temp directory
- debian/patches/CVE-2020-1945-2.patch: recommend using ant.tmpdir
- debian/patches/CVE-2020-1945-3.patch: make junit launcher and friends
use FileUtils.createTempFile
- debian/patches/CVE-2020-1945-4.patch: make junit launcher use ant.tmpdir
as well
- debian/patches/CVE-2020-1945-5.patch: use nio.Files.createTempFile
rather than File.createTempFile
- CVE-2020-1945
Date: 2020-06-01 15:30:14.205426+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
https://launchpad.net/ubuntu/+source/ant/1.10.6-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Eoan-changes
mailing list