libcommons-fileupload-java (1.3-2ubuntu1) trusty; urgency=low * SECURITY UPDATE: arbitrary file overwrite via poison null byte - debian/patches/CVE-2013-2186.patch: properly validate repository in src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java. - CVE-2013-2186
Date: Thu, 07 Nov 2013 09:32:30 -0500 Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> https://launchpad.net/ubuntu/trusty/+source/libcommons-fileupload-java/1.3-2ubuntu1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 07 Nov 2013 09:32:30 -0500 Source: libcommons-fileupload-java Binary: libcommons-fileupload-java libcommons-fileupload-java-doc Architecture: source Version: 1.3-2ubuntu1 Distribution: trusty Urgency: low Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Description: libcommons-fileupload-java - File upload capability to your servlets and web applications libcommons-fileupload-java-doc - Javadoc API documentation for Commons FileUploads Changes: libcommons-fileupload-java (1.3-2ubuntu1) trusty; urgency=low . * SECURITY UPDATE: arbitrary file overwrite via poison null byte - debian/patches/CVE-2013-2186.patch: properly validate repository in src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java. - CVE-2013-2186 Checksums-Sha1: 59d9a726be7f86dd2f699cad1d81d6af4de9136d 2507 libcommons-fileupload-java_1.3-2ubuntu1.dsc bba5572936b162032259ef1f36674e302dc2d1b5 9392 libcommons-fileupload-java_1.3-2ubuntu1.debian.tar.gz Checksums-Sha256: cee27dac9fe36a041a924ddcc1c48a7e49080333c1fd1135224611f9b547d48d 2507 libcommons-fileupload-java_1.3-2ubuntu1.dsc effa8d7c54569ab8e135540580e3922f878f904f7a1f76a43c810ced87cff175 9392 libcommons-fileupload-java_1.3-2ubuntu1.debian.tar.gz Files: 5c9fc7358c67a3c834d0ec500e326dae 2507 java optional libcommons-fileupload-java_1.3-2ubuntu1.dsc 243e84f7fc29e7e9c39c73c020141f05 9392 java optional libcommons-fileupload-java_1.3-2ubuntu1.debian.tar.gz Original-Maintainer: Debian Java Maintainers <pkg-java-maintain...@lists.alioth.debian.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQIcBAEBCgAGBQJSfQ5wAAoJEGVp2FWnRL6T7tgP/jdTgUUvt0iD8vxFzNnbTfTO K5t/g9oLQjBYYyrrgqVkSkbZ7EuCRIBbEDIsL8YZycnyKkMet54wlrh18jBdqtsj oaYFRVGdr4raWBMgrcplWxs0EuGc+7jU6OrCaOUJfgOI9nh4girp9AYK4BNLVY/A gtLB7EqE9IwmPOM8IscVAdmZqur0rjtWZhxQQaEHDqz6LcEgu0RXgmmjA7Atqspq lJtX1O/G8u5FjzXeoInIDdDER/ernwAi5RQ7NEqGTkoy1bILXshEROO8mLTBPLHK BhwR9XVWGIeBGnwFj31z5lwQy0/iqHna3oLMWfpVjgKooC7/nzMtyDGd492nueG5 WO+wwz8wyZQBy2mIKfNfiZ6zbLmhRCKn46GI8qg5fPzp0ZftGR2CNV1ClzWbCzP4 E5XriUVdxidCswbRGmNRAvJhQRjFRhk6xehmzoedGbplYafRLhi/53PtkEr9ReMH LZKk5Ytpy5IF7s4keiezxU4fvGNgioPB3bT2rXN6EfjZ0xDHDfEqBVpe4t7ndqvN GPdSTNuWw1pt+ZNk1Bv9n+tkFPAEODNmpVz4aGqJTJ+UwWYT1ABfwbNlIkUXuLI7 tjm8tViqD6PMQCWam9iWndB54F2lhzFp89oHFk8HxORiQMcYv7wbUH78MWzrZL6O C0F1XdMcafKWWATlxJQ0 =tYXH -----END PGP SIGNATURE-----
-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes