[ubuntu/hardy-security] fastjar, fastjar (delayed) 2:0.95-1ubuntu2.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Mon Jun 21 19:04:16 BST 2010
fastjar (2:0.95-1ubuntu2.1) hardy-security; urgency=low
* SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
- jartool.c (extract_jar): Fix up checks for traversal to parent
directories, disallow absolute paths, make the code slightly more
efficient. (patch from trunk)
- CVE-2010-0831
* Additional patches from the trunk:
- jartool.c (read_entries): Properly zero-terminate filename.
Date: Fri, 18 Jun 2010 08:37:54 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/fastjar/2:0.95-1ubuntu2.1
-------------- next part --------------
Format: 1.7
Date: Fri, 18 Jun 2010 08:37:54 -0400
Source: fastjar
Binary: fastjar
Architecture: source
Version: 2:0.95-1ubuntu2.1
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
fastjar - Jar creation utility
Launchpad-Bugs-Fixed: 540575
Changes:
fastjar (2:0.95-1ubuntu2.1) hardy-security; urgency=low
.
* SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
- jartool.c (extract_jar): Fix up checks for traversal to parent
directories, disallow absolute paths, make the code slightly more
efficient. (patch from trunk)
- CVE-2010-0831
* Additional patches from the trunk:
- jartool.c (read_entries): Properly zero-terminate filename.
Files:
37c0afbe767cd560f19f444c518f9e9a 688 misc extra fastjar_0.95-1ubuntu2.1.dsc
0bbecbfd445a41af5fac64225180626f 14652 misc extra fastjar_0.95-1ubuntu2.1.diff.gz
Original-Maintainer: Matthias Klose <doko at debian.org>
More information about the Hardy-changes
mailing list