[ubuntu/lucid-security] fastjar, fastjar (delayed) 2:0.98-1ubuntu0.10.04.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Jun 21 19:03:33 BST 2010 

fastjar (2:0.98-1ubuntu0.10.04.1) lucid-security; urgency=low

  * SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
    - jartool.c (extract_jar): Fix up checks for traversal to parent
      directories, disallow absolute paths, make the code slightly more
      efficient. (patch from trunk)
    - CVE-2010-0831
  * Additional patches from the trunk:
    - jartool.c (read_entries): Properly zero-terminate filename.
    - jartool.c (add_file_to_jar): Fix write return value check.

Date: Fri, 18 Jun 2010 08:20:03 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/fastjar/2:0.98-1ubuntu0.10.04.1
-------------- next part --------------
Format: 1.8
Date: Fri, 18 Jun 2010 08:20:03 -0400
Source: fastjar
Binary: fastjar
Architecture: source
Version: 2:0.98-1ubuntu0.10.04.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 fastjar    - Jar creation utility
Launchpad-Bugs-Fixed: 540575
Changes: 
 fastjar (2:0.98-1ubuntu0.10.04.1) lucid-security; urgency=low
 .
   * SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
     - jartool.c (extract_jar): Fix up checks for traversal to parent
       directories, disallow absolute paths, make the code slightly more
       efficient. (patch from trunk)
     - CVE-2010-0831
   * Additional patches from the trunk:
     - jartool.c (read_entries): Properly zero-terminate filename.
     - jartool.c (add_file_to_jar): Fix write return value check.
Checksums-Sha1: 
 ed1f879b86bffa870c9a8b8d52cafa7b7aa9e6d3 1101 fastjar_0.98-1ubuntu0.10.04.1.dsc
 14514311d4d334b126cdcb6cd92d7e8f17a0f123 4192 fastjar_0.98-1ubuntu0.10.04.1.diff.gz
Checksums-Sha256: 
 0f123422258b5f2ed06dcbc614777a764182a9cfa1843626d02ed0f2a7bd9f3d 1101 fastjar_0.98-1ubuntu0.10.04.1.dsc
 4ea20bc4870bb0ca4bf2711097524e570f8cf23c96b37795ca4cb1d6eda81db1 4192 fastjar_0.98-1ubuntu0.10.04.1.diff.gz
Files: 
 feeaadc1dc54e396da69a69ade68116a 1101 misc extra fastjar_0.98-1ubuntu0.10.04.1.dsc
 d1079eedbcf9a0bfb3fd270a91e49fb9 4192 misc extra fastjar_0.98-1ubuntu0.10.04.1.diff.gz
Original-Maintainer: Matthias Klose <doko at debian.org>

More information about the Lucid-changes mailing list