1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 2940-1] libstruts1.2-java security update

    From Moritz Muehlenhoff@1:229/2 to All on Thu Aug 21 08:50:02 2014
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-2940-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff
    Aug 21, 2014 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : libstruts1.2-java
    CVE ID : CVE-2014-0114

    It was discovered that missing access checks in the Struts ActionForm
    object could result in the execution of arbitrary code.

    For the stable distribution (wheezy), this problem has been fixed in
    version 1.2.9-5+deb7u1.

    For the unstable distribution (sid), this problem has been fixed in
    version 1.2.9-9.

    We recommend that you upgrade your libstruts1.2-java packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBAgAGBQJT9ZP+AAoJEBDCk7bDfE42iiUP/0pltqgMucIuY3qSLISTBNTH PMQIFK1DZpbTb2nGbsww0m6C8pe4ckqKDgezpm58+QVzQszNCK+BVWPsrz8EiXsO RTuMiQ005MwDgbQvvqDNw8T5zXj3+kBMzF/ZN8jS3pcHGuyn8EtL6JKBzrVhiAM/ YLTgt5wGt2HK7DnmtXroNVuWREk42jD+6cV0E2f16LPpwUWIZnPBpv3CFv+jv9ot RnJheBm76K9rgnatD54N7rV+JvuRtkidP/cZcMBEZRZTP2enFczcl43VCWYPKbFT OVS1tKzqf1+hIye8jwcg/W/Gyt5nZPeflzJoYYhaifdojb2H690Dmmm+Bves5Ie8 mJlI74F2pb/vjOmJMDn4Psgk077scYqArpA84edFNU8UJ8IJF1Ue7sas1MITxVDI MYl/2+HVt6QnxxUMMOJNIqIbzuogN5KUExHJgBpx6nJM/t1jZw4I2GQ4ilB7eUGk V/sLBBL8NVoJDw8W7R0xxcjwhZ9skJt9ab4vLVreAr1dRPYYUHa2ttIpSgBQ5gmD okw6okATTeo8EKjhfOn1PIbpEF6nRk/lbDu4uXJsuvp+2woNch2lUPLo64OgwJcQ I2jH4+sliClgMqw4VBk3bJ7M89y/N3vI39qO7wWtGRG68Cu8S2fa8J635tIWX4Vx u5Zped3uPxyEKk+90K8/
    =yEUi
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)