Bug#899374: batik: CVE-2018-8013
Salvatore Bonaccorso
carnil at debian.org
Wed May 23 14:23:15 BST 2018
Source: batik
Version: 1.5beta2-1
Severity: important
Tags: security upstream fixed-upstream
Hi,
The following vulnerability was published for batik.
CVE-2018-8013[0]:
Apache Batik information disclosure vulnerability
Unfortunately the report does not share details, but it was posted at
[1], refering as affected versions 1.0 up to 1.9.1 and fixed in 1.10.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-8013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8013
[1] http://www.openwall.com/lists/oss-security/2018/05/23/1
Regards,
Salvatore
More information about the pkg-java-maintainers
mailing list