Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4175-1] freeplane security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4175-1] freeplane security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4175-1] freeplane security update
  • Date: Wed, 18 Apr 2018 04:18:55 +0000
  • List-archive: https://lists.debian.org/msgid-search/E1f8eYZ-0006rJ-GW AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Wed, 18 Apr 2018 04:19:15 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <u8XNjNSwogD.A.LAC.Dds1aB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4175-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
April 18, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : freeplane
CVE ID : CVE-2018-1000069
Debian Bug : 893663

Wojciech Regula discovered an XML External Entity vulnerability in the
XML Parser of the mindmap loader in freeplane, a Java program for
working with mind maps, resulting in potential information disclosure if
a malicious mind map file is opened.

For the oldstable distribution (jessie), this problem has been fixed
in version 1.3.12-1+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 1.5.18-1+deb9u1.

We recommend that you upgrade your freeplane packages.

For the detailed security status of freeplane please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/freeplane

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlrWxN9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TWZQ//e38sUdwj6IZXNKfGIwUhzXXYJEt3Sq4VIBYzUIKz62+vDI6JKtFcfgC9
u+VN8bsClzlJwpsJltJXP8XNObvlXdi+xoD/+KcXhrmj0r7I77ZcfkKmD8L1zeR9
R+4tTVsUjahFELM7WcvNMcRPyIYa/fOYDIWYnzLqdHlCKHAfqDUgAcg4l76K44i5
dLC8JfQNMVe/oH2vR5N+nmZzBml44uURsV+D2We0Fr/q4OBcHtFw8vVziiZ8ZWuu
fRyR72sX+pjgmFoa2725D9XnRMVOdaCSc778jiwPVRkvWvc6oFtW1shQ4waWl7WO
qQggaU6vLot2M0HYdWVLazT3vX6GyVXFV5d9FfHm2/GCcoz/F84Pjwg3Y01X3hCz
VBTZUN6B+1WqvxcXSKS33xPIORmMwQZ0jCa+IgNxKUFlnfvML9lsUXSajBNnSziF
1eDw3/opvqom9jluJsCLdeWiDH2Ya3p0C/jJAwYQGZLZZema9FkPI9D6slydJjUE
byAo8gmJKUmlHoWNxieumNDfyqzExvGLEsgcLlRtrJoyO4M4l/Uk2BuauEXEkgim
0AW/5biL/gYBX82c5oDx6w1JiKDyJ/lAKmb0ihHcZsPeVJeHIW+tdR6sEfZOrkdM
GZtBt39gzpoUesykcGYRWtHq11gxa3JPBEq/6OD6IgZ6XIwPAYw=
=VS6n
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 4175-1] freeplane security update, Salvatore Bonaccorso, 18.04.2018

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang