Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 2940-1] libstruts1.2-java security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 2940-1] libstruts1.2-java security update


Chronologisch Thread 
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 2940-1] libstruts1.2-java security update
  • Date: Thu, 21 Aug 2014 08:39:48 +0200
  • List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
  • List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
  • Old-return-path: <jmm AT inutil.org>
  • Priority: urgent
  • Resent-date: Thu, 21 Aug 2014 06:40:07 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <mNDyNXiAdsE.A.sUB.HRZ9TB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2940-1 security AT debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
Aug 21, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libstruts1.2-java
CVE ID : CVE-2014-0114

It was discovered that missing access checks in the Struts ActionForm
object could result in the execution of arbitrary code.

For the stable distribution (wheezy), this problem has been fixed in
version 1.2.9-5+deb7u1.

For the unstable distribution (sid), this problem has been fixed in
version 1.2.9-9.

We recommend that you upgrade your libstruts1.2-java packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJT9ZP+AAoJEBDCk7bDfE42iiUP/0pltqgMucIuY3qSLISTBNTH
PMQIFK1DZpbTb2nGbsww0m6C8pe4ckqKDgezpm58+QVzQszNCK+BVWPsrz8EiXsO
RTuMiQ005MwDgbQvvqDNw8T5zXj3+kBMzF/ZN8jS3pcHGuyn8EtL6JKBzrVhiAM/
YLTgt5wGt2HK7DnmtXroNVuWREk42jD+6cV0E2f16LPpwUWIZnPBpv3CFv+jv9ot
RnJheBm76K9rgnatD54N7rV+JvuRtkidP/cZcMBEZRZTP2enFczcl43VCWYPKbFT
OVS1tKzqf1+hIye8jwcg/W/Gyt5nZPeflzJoYYhaifdojb2H690Dmmm+Bves5Ie8
mJlI74F2pb/vjOmJMDn4Psgk077scYqArpA84edFNU8UJ8IJF1Ue7sas1MITxVDI
MYl/2+HVt6QnxxUMMOJNIqIbzuogN5KUExHJgBpx6nJM/t1jZw4I2GQ4ilB7eUGk
V/sLBBL8NVoJDw8W7R0xxcjwhZ9skJt9ab4vLVreAr1dRPYYUHa2ttIpSgBQ5gmD
okw6okATTeo8EKjhfOn1PIbpEF6nRk/lbDu4uXJsuvp+2woNch2lUPLo64OgwJcQ
I2jH4+sliClgMqw4VBk3bJ7M89y/N3vI39qO7wWtGRG68Cu8S2fa8J635tIWX4Vx
u5Zped3uPxyEKk+90K8/
=yEUi
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST AT lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster AT lists.debian.org
Archive: https://lists.debian.org/20140821063948.GA14953 AT pisco.westfalen.local




  • [IT-SecNots] [SECURITY] [DSA 2940-1] libstruts1.2-java security update, Moritz Muehlenhoff, 21.08.2014

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang