[Git][security-tracker-team/security-tracker][master] CVE-2022-34169,bcel: fixed in unstable
Markus Koschany (@apo)
apo at debian.org
Tue Oct 18 00:21:00 BST 2022
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1a22b2dd by Markus Koschany at 2022-10-18T01:19:36+02:00
CVE-2022-34169,bcel: fixed in unstable
Mark CVE-2022-34169 fixed in version 6.5.0-2 in bcel
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23704,7 +23704,7 @@ CVE-2022-34169 (The Apache Xalan Java XSLT library is vulnerable to an integer t
- openjdk-8 8u342-b07-1
- openjdk-11 11.0.16+8-1
- openjdk-17 17.0.4+8-1
- - libxalan2-java <unfixed> (bug #1015860)
+ - bcel 6.5.0-2 (bug #1015860)
NOTE: https://www.openwall.com/lists/oss-security/2022/07/19/5
NOTE: https://github.com/openjdk/jdk/commit/41ef2b249073450172e11163a4d05762364b1297
NOTE: Bug is most likely only in bcel which libxalan2-java depends on.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a22b2dd0350f1b9ed6ff8f5edce786b81a0c4c9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a22b2dd0350f1b9ed6ff8f5edce786b81a0c4c9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221017/2191399b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list