Format: 1.8
Date: Tue, 23 May 2023 15:45:29 -0300
Source: batik
Binary: libbatik-java
Built-For-Profiles: noudeb
Architecture: all
Version: 1.14-1ubuntu0.2
Distribution: jammy
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy02-amd64-063.buildd>
Changed-By: Paulo Flabiano Smorigo <pfsmorigo@canonical.com>
Description:
 libbatik-java - xml.apache.org SVG Library
Changes:
 batik (1.14-1ubuntu0.2) jammy-security; urgency=medium
 .
     - debian/patches/CVE-2022-38398.patch: BATIK-1331: Jar url should be
       blocked by DefaultExternalResourceSecurity.
     - debian/patches/CVE-2022-38648.patch: BATIK-1333: Block external
       resource before calling fop.
     - debian/patches/CVE-2022-40146.patch: BATIK-1335: Jar url should be
       blocked by DefaultScriptSecurity.
     - debian/patches/CVE-2022-41704.patch: BATIK-1338: Block loading jar
       inside svg.
     - debian/patches/CVE-2022-42890.patch: BATIK-1345: Restrict what java
       classes can be run thru rhino.
     - CVE-2022-38398
     - CVE-2022-38648
     - CVE-2022-40146
     - CVE-2022-41704
     - CVE-2022-42890
Checksums-Sha1:
 1dd191a21caf54adb9915fdca9d7aada8f4f82da 16098 batik_1.14-1ubuntu0.2_amd64.buildinfo
 ea6ca2cf1106c43c1a968f715f579b9886b25eae 3866372 libbatik-java_1.14-1ubuntu0.2_all.deb
Checksums-Sha256:
 1a1fb40682b2ab9f87f313677816b91c4b9a49bcdbf577e4f4c4f90d90836833 16098 batik_1.14-1ubuntu0.2_amd64.buildinfo
 e028e2969854549d49131b23fb6db24a5050690b652ddb14b5d6e5fd3f3c6fed 3866372 libbatik-java_1.14-1ubuntu0.2_all.deb
Files:
 a7fd1194c4c7c438578c2c10523a6b51 16098 java optional batik_1.14-1ubuntu0.2_amd64.buildinfo
 dd5b6d84ecb6d45efc53cb9e680ac90e 3866372 java optional libbatik-java_1.14-1ubuntu0.2_all.deb
Original-Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>