[ubuntu/vivid-proposed] batik 1.7.ubuntu-8ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Mar 24 16:21:36 UTC 2015
batik (1.7.ubuntu-8ubuntu3) vivid; urgency=medium
* SECURITY UPDATE: XML external entity information disclosure
- debian/patches/cve_2015_0250.patch: disable external entities in
sources/org/apache/batik/dom/util/SAXDocumentFactory.java.
- Thanks to Debian for the patch backport.
- CVE-2015-0250
Date: Tue, 24 Mar 2015 10:47:44 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/batik/1.7.ubuntu-8ubuntu3
-------------- next part --------------
Format: 1.8
Date: Tue, 24 Mar 2015 10:47:44 -0400
Source: batik
Binary: libbatik-java
Architecture: source
Version: 1.7.ubuntu-8ubuntu3
Distribution: vivid
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libbatik-java - xml.apache.org SVG Library
Changes:
batik (1.7.ubuntu-8ubuntu3) vivid; urgency=medium
.
* SECURITY UPDATE: XML external entity information disclosure
- debian/patches/cve_2015_0250.patch: disable external entities in
sources/org/apache/batik/dom/util/SAXDocumentFactory.java.
- Thanks to Debian for the patch backport.
- CVE-2015-0250
Checksums-Sha1:
d4450906e39dddd2880b4fe4119d1dc9717ae1c5 2361 batik_1.7.ubuntu-8ubuntu3.dsc
f4ed9d844ba8481378da539e099de2b1e2c2059a 11444 batik_1.7.ubuntu-8ubuntu3.debian.tar.xz
Checksums-Sha256:
562c8dd2d3e187eb25ae5f9b6268c9119e0424ab5f0418246548400ac129a86a 2361 batik_1.7.ubuntu-8ubuntu3.dsc
87d0fff2bb8424d5e0c8f7236e6e6b939a9c5f1806af8481dd12b6fec9f3c6a1 11444 batik_1.7.ubuntu-8ubuntu3.debian.tar.xz
Files:
59ef3e873c31c57558d5058e9323dc4d 2361 java optional batik_1.7.ubuntu-8ubuntu3.dsc
f2b7764ee8ee72cce982646cd472c9a5 11444 java optional batik_1.7.ubuntu-8ubuntu3.debian.tar.xz
Original-Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
More information about the Vivid-changes
mailing list