[ubuntu/karmic-security] fastjar, fastjar (delayed) 2:0.98-1ubuntu0.9.10.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Mon Jun 21 19:03:48 BST 2010
fastjar (2:0.98-1ubuntu0.9.10.1) karmic-security; urgency=low
* SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
- jartool.c (extract_jar): Fix up checks for traversal to parent
directories, disallow absolute paths, make the code slightly more
efficient. (patch from trunk)
- CVE-2010-0831
* Additional patches from the trunk:
- jartool.c (read_entries): Properly zero-terminate filename.
- jartool.c (add_file_to_jar): Fix write return value check.
Date: Fri, 18 Jun 2010 08:23:57 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/fastjar/2:0.98-1ubuntu0.9.10.1
-------------- next part --------------
Format: 1.8
Date: Fri, 18 Jun 2010 08:23:57 -0400
Source: fastjar
Binary: fastjar
Architecture: source
Version: 2:0.98-1ubuntu0.9.10.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
fastjar - Jar creation utility
Changes:
fastjar (2:0.98-1ubuntu0.9.10.1) karmic-security; urgency=low
.
* SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
- jartool.c (extract_jar): Fix up checks for traversal to parent
directories, disallow absolute paths, make the code slightly more
efficient. (patch from trunk)
- CVE-2010-0831
* Additional patches from the trunk:
- jartool.c (read_entries): Properly zero-terminate filename.
- jartool.c (add_file_to_jar): Fix write return value check.
Checksums-Sha1:
475aa0aaa4fa8415583628337e0a6841534fd526 1097 fastjar_0.98-1ubuntu0.9.10.1.dsc
2c113d3a635f5b9df9eb6788302c37465d2b8dbe 4095 fastjar_0.98-1ubuntu0.9.10.1.diff.gz
Checksums-Sha256:
13a229c4737664627968ba64ffe4239c0902799b1708eb18dc9b62b96eea5b39 1097 fastjar_0.98-1ubuntu0.9.10.1.dsc
7c8d06be5a0f1881ea171bfd142ac47232d0ffac9333eeded83478c18367fb7e 4095 fastjar_0.98-1ubuntu0.9.10.1.diff.gz
Files:
85d8021aa363a9a2ca0025b994408139 1097 misc extra fastjar_0.98-1ubuntu0.9.10.1.dsc
fa64ab3ca694288d157c37b4571a1781 4095 misc extra fastjar_0.98-1ubuntu0.9.10.1.diff.gz
Launchpad-Bugs-Fixed: 540575
Original-Maintainer: Matthias Klose <doko at debian.org>
More information about the Karmic-changes
mailing list