~ubuntu-branches/ubuntu/trusty/libcommons-fileupload-java/trusty

Committer: Package Import Robot
Author(s): Marc Deslauriers
Date: 2013-11-07 09:32:30 UTC
Revision ID: package-import@ubuntu.com-20131107093230-p4ucybublorxyf80

Tags: 1.3-2ubuntu1

* SECURITY UPDATE: arbitrary file overwrite via poison null byte
  - debian/patches/CVE-2013-2186.patch: properly validate repository in
    src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java.
  - CVE-2013-2186

files added:
.pc/CVE-2013-2186.patch

.pc/CVE-2013-2186.patch/src

.pc/CVE-2013-2186.patch/src/main

.pc/CVE-2013-2186.patch/src/main/java

.pc/CVE-2013-2186.patch/src/main/java/org

.pc/CVE-2013-2186.patch/src/main/java/org/apache

.pc/CVE-2013-2186.patch/src/main/java/org/apache/commons

.pc/CVE-2013-2186.patch/src/main/java/org/apache/commons/fileupload

.pc/CVE-2013-2186.patch/src/main/java/org/apache/commons/fileupload/disk

.pc/CVE-2013-2186.patch/src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java

debian/patches/CVE-2013-2186.patch

files modified:
.pc/applied-patches

debian/changelog

debian/control

debian/patches/series

src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java

Show diffs side-by-side

added added

removed removed

debian/changelog

libcommons-fileupload-java (1.3-2ubuntu1) trusty; urgency=low

* SECURITY UPDATE: arbitrary file overwrite via poison null byte

- debian/patches/CVE-2013-2186.patch: properly validate repository in

src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java.

- CVE-2013-2186

-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 07 Nov 2013 09:32:30 -0500

libcommons-fileupload-java (1.3-2) unstable; urgency=low

* Team upload.

Older »