| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Aug 2014 08:39:48 +0200 From: Moritz Muehlenhoff <jmm@...ian.org> To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 2940-1] libstruts1.2-java security update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2940-1 security@...ian.org http://www.debian.org/security/ Moritz Muehlenhoff Aug 21, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libstruts1.2-java CVE ID : CVE-2014-0114 It was discovered that missing access checks in the Struts ActionForm object could result in the execution of arbitrary code. For the stable distribution (wheezy), this problem has been fixed in version 1.2.9-5+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 1.2.9-9. We recommend that you upgrade your libstruts1.2-java packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@...ts.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJT9ZP+AAoJEBDCk7bDfE42iiUP/0pltqgMucIuY3qSLISTBNTH PMQIFK1DZpbTb2nGbsww0m6C8pe4ckqKDgezpm58+QVzQszNCK+BVWPsrz8EiXsO RTuMiQ005MwDgbQvvqDNw8T5zXj3+kBMzF/ZN8jS3pcHGuyn8EtL6JKBzrVhiAM/ YLTgt5wGt2HK7DnmtXroNVuWREk42jD+6cV0E2f16LPpwUWIZnPBpv3CFv+jv9ot RnJheBm76K9rgnatD54N7rV+JvuRtkidP/cZcMBEZRZTP2enFczcl43VCWYPKbFT OVS1tKzqf1+hIye8jwcg/W/Gyt5nZPeflzJoYYhaifdojb2H690Dmmm+Bves5Ie8 mJlI74F2pb/vjOmJMDn4Psgk077scYqArpA84edFNU8UJ8IJF1Ue7sas1MITxVDI MYl/2+HVt6QnxxUMMOJNIqIbzuogN5KUExHJgBpx6nJM/t1jZw4I2GQ4ilB7eUGk V/sLBBL8NVoJDw8W7R0xxcjwhZ9skJt9ab4vLVreAr1dRPYYUHa2ttIpSgBQ5gmD okw6okATTeo8EKjhfOn1PIbpEF6nRk/lbDu4uXJsuvp+2woNch2lUPLo64OgwJcQ I2jH4+sliClgMqw4VBk3bJ7M89y/N3vI39qO7wWtGRG68Cu8S2fa8J635tIWX4Vx u5Zped3uPxyEKk+90K8/ =yEUi -----END PGP SIGNATURE-----
Powered by blists - more mailing lists