1
Candidate: CVE-2014-3574
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3574
5
https://issues.apache.org/bugzilla/show_bug.cgi?id=54764
6
https://lucene.apache.org/solr/solrnews.html#18-august-2014-recommendation-to-update-apache-poi-in-apache-solr-480-481-and-490-installations
7
http://www.apache.org/dist/poi/release/RELEASE-NOTES.txt
8
http://secunia.com/advisories/60419
9
http://poi.apache.org/changes.html
11
Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote
12
attackers to cause a denial of service (CPU consumption and crash) via a
13
crafted OOXML file, aka an XML Entity Expansion (XEE) attack.
21
Patches_libapache-poi-java:
22
upstream_libapache-poi-java: released (3.10.1-1)
23
lucid_libapache-poi-java: DNE
24
precise_libapache-poi-java: ignored (reached end-of-life)
25
precise/esm_libapache-poi-java: DNE (precise was needed)
26
trusty_libapache-poi-java: needed
27
utopic_libapache-poi-java: ignored (reached end-of-life)
28
vivid_libapache-poi-java: ignored (reached end-of-life)
29
vivid/stable-phone-overlay_libapache-poi-java: DNE
30
vivid/ubuntu-core_libapache-poi-java: DNE
31
wily_libapache-poi-java: ignored (reached end-of-life)
32
xenial_libapache-poi-java: needed
33
yakkety_libapache-poi-java: ignored (reached end-of-life)
34
zesty_libapache-poi-java: ignored (reached end-of-life)
35
artful_libapache-poi-java: needed
36
bionic_libapache-poi-java: needed
37
devel_libapache-poi-java: needed