Viewing all changes in revision 12.
- Committer: Bazaar Package Importer
- Date: 2010-06-18 08:35:33 UTC
- Revision ID: james.westby@ubuntu.com-20100618083533-wyqxn4dqteh2t6es
* SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
- jartool.c (extract_jar): Fix up checks for traversal to parent
directories, disallow absolute paths, make the code slightly more
efficient. (patch from trunk)
- CVE-2010-0831
* Additional patches from the trunk:
- jartool.c (read_entries): Properly zero-terminate filename.
- jartool.c (add_file_to_jar): Fix write return value check.
- jartool.c (extract_jar): Fix up checks for traversal to parent
directories, disallow absolute paths, make the code slightly more
efficient. (patch from trunk)
- CVE-2010-0831
* Additional patches from the trunk:
- jartool.c (read_entries): Properly zero-terminate filename.
- jartool.c (add_file_to_jar): Fix write return value check.
- files modified:
- debian/changelog
expand all
collapse all
added
removed
