[ubuntu/eoan-security] ant 1.10.6-1ubuntu0.1 (Accepted)

Mike Salvatore mike.salvatore at canonical.com
Mon Jun 1 19:51:05 UTC 2020

ant (1.10.6-1ubuntu0.1) eoan-security; urgency=medium

  * SECURITY UPDATE: Information leak, Code injection
    - debian/patches/CVE-2020-1945-1.patch: provide a magic property that
      overrides temp directory
    - debian/patches/CVE-2020-1945-2.patch: recommend using ant.tmpdir
    - debian/patches/CVE-2020-1945-3.patch: make junit launcher and friends
      use FileUtils.createTempFile
    - debian/patches/CVE-2020-1945-4.patch: make junit launcher use ant.tmpdir
      as well
    - debian/patches/CVE-2020-1945-5.patch: use nio.Files.createTempFile
      rather than File.createTempFile
    - CVE-2020-1945

Date: 2020-06-01 15:30:14.205426+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Eoan-changes mailing list