[ubuntu/jaunty-security] fastjar, fastjar (delayed) 2:0.97-3ubuntu0.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Mon Jun 21 19:04:06 BST 2010
fastjar (2:0.97-3ubuntu0.1) jaunty-security; urgency=low
* SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
- jartool.c (extract_jar): Fix up checks for traversal to parent
directories, disallow absolute paths, make the code slightly more
efficient. (patch from trunk)
- CVE-2010-0831
* Additional patches from the trunk:
- jartool.c (read_entries): Properly zero-terminate filename.
- jartool.c (add_file_to_jar): Fix write return value check.
Date: Fri, 18 Jun 2010 08:35:33 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/fastjar/2:0.97-3ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Fri, 18 Jun 2010 08:35:33 -0400
Source: fastjar
Binary: fastjar
Architecture: source
Version: 2:0.97-3ubuntu0.1
Distribution: jaunty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
fastjar - Jar creation utility
Launchpad-Bugs-Fixed: 540575
Changes:
fastjar (2:0.97-3ubuntu0.1) jaunty-security; urgency=low
.
* SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
- jartool.c (extract_jar): Fix up checks for traversal to parent
directories, disallow absolute paths, make the code slightly more
efficient. (patch from trunk)
- CVE-2010-0831
* Additional patches from the trunk:
- jartool.c (read_entries): Properly zero-terminate filename.
- jartool.c (add_file_to_jar): Fix write return value check.
Checksums-Sha1:
28b6e3335612ef9a2a4f4ab70f0c4be1d4ba25ec 1077 fastjar_0.97-3ubuntu0.1.dsc
ece949e3d6a4798a73009b46960b0acc6e39a44e 4303 fastjar_0.97-3ubuntu0.1.diff.gz
Checksums-Sha256:
58dda02e7ab071c3ea8d0cf6ab215d6e853eb5cb8b88cebe135e31e25363d238 1077 fastjar_0.97-3ubuntu0.1.dsc
e52b43a9841289176143fc51d41bc2fcee0aee886fb324d243397c717383e524 4303 fastjar_0.97-3ubuntu0.1.diff.gz
Files:
4ea02be4634886678ad56803e595a74c 1077 misc extra fastjar_0.97-3ubuntu0.1.dsc
f685e7715cc6ef5f819cb1408d4fadba 4303 misc extra fastjar_0.97-3ubuntu0.1.diff.gz
Original-Maintainer: Matthias Klose <doko at debian.org>
More information about the Jaunty-changes
mailing list