creadur-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Philipp Ottlinger (JIRA)" <j...@apache.org>
Subject [jira] [Created] (RAT-214) Update commons-compress and apache-ant due to security problems
Date Mon, 14 Mar 2016 20:46:33 GMT
Philipp Ottlinger created RAT-214:
-------------------------------------

             Summary: Update commons-compress and apache-ant due to security problems
                 Key: RAT-214
                 URL: https://issues.apache.org/jira/browse/RAT-214
             Project: Apache Rat
          Issue Type: Bug
    Affects Versions: 0.11
            Reporter: Philipp Ottlinger
            Assignee: Philipp Ottlinger
             Fix For: 0.12


Try to update 
* commons-compress
* apache-ant
due to possible security problems.

h3. Context
Algorithmic complexity vulnerability in the sorting algorithms in
bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons
Compress before 1.4.1 and Apache Ant before 1.8.4 allows remote
attackers to cause a denial of service (CPU consumption) via a file with
many repeating inputs.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message