[CVE-2019-12402] Apache Commons Compress denial of service vulnerability

2019-08-27 Thread Stefan Bodewig
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Commons Compress 1.15 to 1.18 Description: The file name encoding algorithm used internally in Apache Commons Compress can get into an infinite loop when faced with

[ANN] Apache Commons Compress 1.19 Released

2019-08-27 Thread Stefan Bodewig
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [Re-Sending with fixed subject, sorry] The Apache Commons Team is pleased to announce the release of Apache Commons Compress 1.19. Apache Commons Compress software defines an API for working with compression and archive formats. These include: