~ubuntu-branches/ubuntu/lucid/libxalan2-java/lucid-updates

Viewing all changes in revision 8.

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-03-31 13:20:32 UTC
  • mfrom: (5.2.1 sid)
  • Revision ID: package-import@ubuntu.com-20140331132032-g46xg123tqvwgr6u
Tags: 2.7.1-5ubuntu1.1
* SECURITY UPDATE: information disclosure or arbitrary code execution via
  crafted XSLT programs
  - debian/patches/CVE-2014-0107.patch: disable external general
    entities, foreign attributes and access to the system properties in
    src/org/apache/xalan/transformer/TransformerImpl.java,
    src/org/apache/xalan/processor/XSLTElementProcessor.java,
    src/org/apache/xalan/processor/TransformerFactoryImpl.java,
    src/org/apache/xpath/functions/FuncSystemProperty.java.
  - CVE-2014-0107

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: