Author: ebourg-guest Date: 2014-03-25 15:25:44 +0000 (Tue, 25 Mar 2014) New Revision: 17946
Modified: branches/libxalan2-java/squeeze-security/debian/changelog branches/libxalan2-java/squeeze-security/debian/patches/series Log: Fix CVE-2014-0107 for Squeeze Modified: branches/libxalan2-java/squeeze-security/debian/changelog =================================================================== --- branches/libxalan2-java/squeeze-security/debian/changelog 2014-03-25 14:44:47 UTC (rev 17945) +++ branches/libxalan2-java/squeeze-security/debian/changelog 2014-03-25 15:25:44 UTC (rev 17946) @@ -1,3 +1,13 @@ +libxalan2-java (2.7.1-5+deb6u1) squeeze-security; urgency=high + + * Team upload. + * Fix CVE-2014-0107: Strengthen the secure processing mode by disabling + external general entities, foreign attributes and access to the system + properties. This could be exploited to execute arbitrary code remotely. + (Closes: #742577) + + -- Emmanuel Bourg <[email protected]> Tue, 25 Mar 2014 15:48:50 +0100 + libxalan2-java (2.7.1-5) unstable; urgency=low * Upload to unstable. Modified: branches/libxalan2-java/squeeze-security/debian/patches/series =================================================================== --- branches/libxalan2-java/squeeze-security/debian/patches/series 2014-03-25 14:44:47 UTC (rev 17945) +++ branches/libxalan2-java/squeeze-security/debian/patches/series 2014-03-25 15:25:44 UTC (rev 17946) @@ -1,2 +1,2 @@ build.patch - +CVE-2014-0107.patch _______________________________________________ pkg-java-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits
