Bug#884131: jasperreports: CVE-2017-14941, CVE-2017-5533, CVE-2017-5532
Markus Koschany
apo at debian.org
Mon Dec 11 19:03:21 UTC 2017
Package: libjasperreports-java
Version: 6.3.1-1
Severity: important
Tags: security
The recent update of jasperreports apparently fixed CVE-2017-5528 and
CVE-2017-5529. There are still three CVE which are not addressed yet. The
advisory for CVE-2017-5532 mentions that the solution is to upgrade to
version 6.3.3 or 6.4.2. It is not clear to me whether the Debian
package is actually affected by CVE-2017-5533 or CVE-2017-14941 due to
lack of information.
Markus
More information about the pkg-java-maintainers
mailing list