[Bug 540575] Re: Directory traversal vulnerabilities

Launchpad Bug Tracker Mon, 21 Jun 2010 11:13:00 -0700

This bug was fixed in the package fastjar - 2:0.97-3ubuntu0.1

---------------
fastjar (2:0.97-3ubuntu0.1) jaunty-security; urgency=low


  * SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
    - jartool.c (extract_jar): Fix up checks for traversal to parent
      directories, disallow absolute paths, make the code slightly more
      efficient. (patch from trunk)
    - CVE-2010-0831
  * Additional patches from the trunk:
    - jartool.c (read_entries): Properly zero-terminate filename.
    - jartool.c (add_file_to_jar): Fix write return value check.
 -- Marc Deslauriers <[email protected]>   Fri, 18 Jun 2010 08:35:33 
-0400

** Changed in: fastjar (Ubuntu Hardy)
       Status: Confirmed => Fix Released

-- 
Directory traversal vulnerabilities
https://bugs.launchpad.net/bugs/540575
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 540575] Re: Directory traversal vulnerabilities

Reply via email to