[ https://issues.apache.org/jira/browse/RAT-214?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Philipp Ottlinger closed RAT-214. --------------------------------- CI builds were fine. > Update commons-compress and apache-ant due to security problems > --------------------------------------------------------------- > > Key: RAT-214 > URL: https://issues.apache.org/jira/browse/RAT-214 > Project: Apache Rat > Issue Type: Bug > Affects Versions: 0.11 > Reporter: Philipp Ottlinger > Assignee: Philipp Ottlinger > Fix For: 0.12 > > > Try to update > * commons-compress > * apache-ant > due to possible security problems. > h3. Context > Algorithmic complexity vulnerability in the sorting algorithms in > bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons > Compress before 1.4.1 and Apache Ant before 1.8.4 allows remote > attackers to cause a denial of service (CPU consumption) via a file with > many repeating inputs. -- This message was sent by Atlassian JIRA (v6.3.4#6332)