libcommons-net-java 3.6-1+deb11u1build0.20.04.1 source package in Ubuntu
Changelog
libcommons-net-java (3.6-1+deb11u1build0.20.04.1) focal-security; urgency=medium
* fake sync from Debian
libcommons-net-java (3.6-1+deb11u1) bullseye-security; urgency=high
* Non-maintainer upload by the LTS team.
* Fix CVE-2021-37533:
ZeddYu Lu discovered that the FTP client of Apache Commons Net, a Java
client API for basic Internet protocols, trusts the host from PASV response
by default. A malicious server can redirect the Commons Net code to use a
different host, but the user has to connect to the malicious server in the
first place. This may lead to leakage of information about services running
on the private network of the client. (Closes: #1025910)
-- George-Andrei Iosif <email address hidden> Thu, 20 Apr 2023 13:54:01 +0300
Upload details
- Uploaded by:
- George-Andrei Iosif
- Uploaded to:
- Focal
- Original maintainer:
- Debian Java Maintainers
- Architectures:
- all
- Section:
- java
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | updates | universe | misc | |
| Focal | security | universe | misc |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libcommons-net-java_3.6.orig.tar.xz | 300.6 KiB | 7eee0e4ac4905c84b5c585a6785cdf9c87b89502f608059b2e766c92f60c4811 |
| libcommons-net-java_3.6-1+deb11u1build0.20.04.1.debian.tar.xz | 7.0 KiB | be664e82efe4a0d96ecbf731cc8f79259e6da852a2dc407c9309db62bc92f540 |
| libcommons-net-java_3.6-1+deb11u1build0.20.04.1.dsc | 2.5 KiB | afb04fe73e7c85f41b0d7336787670aae2c160af6d036ce0a2820322e7322eb1 |
Available diffs
Binary packages built by this source
- libcommons-net-java: Apache Commons Net - Java client API for basic Internet protocols
The Apache Commons Net library implements the client side of many basic
Internet protocols. The purpose of the library is to provide fundamental
protocol access, not higher-level abstractions. Therefore, some of the
design violates object-oriented design principles. The philosophy is to
make the global functionality of a protocol accessible (e.g., TFTP send
file and receive file) when possible, but also provide access to the
fundamental protocols where applicable so that a programmer may construct
his own custom implementations (e.g, the TFTP packet classes and the TFTP
packet send and receive methods are exposed).
.
The supported protocols include:
* FTP/FTPS
* FTP over HTTP (experimental)
* NNTP
* SMTP(S)
* POP3(S)
* IMAP(S)
* Telnet
* TFTP
* Finger
* Whois
* rexec/rcmd/rlogin
* Time (rdate) and Daytime
* Echo
* Discard
* NTP/SNTP
- libcommons-net-java-doc: Apache Commons Net (API documentation)
The Apache Commons Net library implements the client side of many basic
Internet protocols. The purpose of the library is to provide fundamental
protocol access, not higher-level abstractions. Therefore, some of the
design violates object-oriented design principles. The philosophy is to
make the global functionality of a protocol accessible (e.g., TFTP send
file and receive file) when possible, but also provide access to the
fundamental protocols where applicable so that a programmer may construct
his own custom implementations (e.g, the TFTP packet classes and the TFTP
packet send and receive methods are exposed).
.
This package contains the API documentation for libcommons-net-java.
