Ubuntu
batik package

batik 1.14-2ubuntu0.1 source package in Ubuntu

Changelog

batik (1.14-2ubuntu0.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: Server-Side Request Forgery
    - debian/patches/CVE-2022-38398.patch: BATIK-1331: Jar url should be
      blocked by DefaultExternalResourceSecurity.
    - debian/patches/CVE-2022-38648.patch: BATIK-1333: Block external
      resource before calling fop.
    - debian/patches/CVE-2022-40146.patch: BATIK-1335: Jar url should be
      blocked by DefaultScriptSecurity.
    - debian/patches/CVE-2022-41704.patch: BATIK-1338: Block loading jar
      inside svg.
    - debian/patches/CVE-2022-42890.patch: BATIK-1345: Restrict what java
      classes can be run thru rhino.
    - CVE-2022-38398
    - CVE-2022-38648
    - CVE-2022-40146
    - CVE-2022-41704
    - CVE-2022-42890

 -- Paulo Flabiano Smorigo <email address hidden>  Tue, 23 May 2023 15:42:39 -0300

Upload details

Uploaded by:
Paulo Flabiano Smorigo
Uploaded to:
Kinetic
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
java
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Kinetic: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
batik_1.14.orig.tar.xz 4.0 MiB 3f499fdc553988f9f080bd3a7887a3ab4c9f4de622a82a1879f5746fe3b09388
batik_1.14-2ubuntu0.1.debian.tar.xz 34.6 KiB 74b42e84da953ef45db7b6d4caa78e7a58bf185851dbc2737685f5b59e1ea940
batik_1.14-2ubuntu0.1.dsc 2.2 KiB 9d63a069ac1af7ad4a97023d092fcff4e85e00f2ed586dc2478ac5256ae132d8

View changes file

Binary packages built by this source

libbatik-java: No summary available for libbatik-java in ubuntu kinetic.

No description available for libbatik-java in ubuntu kinetic.