[Bug 1433365] Re: Merge jakarta-taglibs-standard 1.1.2-3 (main) from Debian unstable (main)
Artur Rona
ari-tczew at tlen.pl
Wed Mar 18 20:33:15 UTC 2015
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-0254
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1433365
Title:
Merge jakarta-taglibs-standard 1.1.2-3 (main) from Debian unstable
(main)
Status in jakarta-taglibs-standard package in Ubuntu:
Confirmed
Bug description:
jakarta-taglibs-standard (1.1.2-3) unstable; urgency=high
* Team upload.
* Fix CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags:
- Introduce new patch: d/patches/CVE-2015-0254.patch.
- Adjust source and target JVM parameters to 1.5.
(Closes: #779621).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/jakarta-taglibs-standard/+bug/1433365/+subscriptions
More information about the Ubuntu-sponsors
mailing list