Описание
Security update for ant
This update for ant fixes the following issues:
Security issue fixed:
- CVE-2018-10886: Fixed a path traversal vulnerability in malformed zip file paths, which allowed arbitrary file writes and could potentially lead to code execution (bsc#1100053)
Other changes made:
- Removed support for javadoc
- Default value for stripAbsolutePathSpec changed to 'true'
Список пакетов
SUSE Linux Enterprise Server 11 SP4
ant-1.7.1-20.11.5.1
ant-trax-1.7.1-16.11.5.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
ant-1.7.1-20.11.5.1
ant-trax-1.7.1-16.11.5.1
SUSE Linux Enterprise Software Development Kit 11 SP4
ant-1.7.1-20.11.5.1
ant-antlr-1.7.1-16.11.5.1
ant-apache-bcel-1.7.1-16.11.5.1
ant-apache-bsf-1.7.1-16.11.5.1
ant-apache-log4j-1.7.1-16.11.5.1
ant-apache-oro-1.7.1-16.11.5.1
ant-apache-regexp-1.7.1-16.11.5.1
ant-apache-resolver-1.7.1-16.11.5.1
ant-commons-logging-1.7.1-16.11.5.1
ant-javamail-1.7.1-16.11.5.1
ant-jdepend-1.7.1-16.11.5.1
ant-jmf-1.7.1-16.11.5.1
ant-junit-1.7.1-16.11.5.1
ant-manual-1.7.1-20.11.5.1
ant-nodeps-1.7.1-16.11.5.1
ant-scripts-1.7.1-20.11.5.1
ant-swing-1.7.1-16.11.5.1
ant-trax-1.7.1-16.11.5.1
Ссылки
- Link for SUSE-SU-2018:2789-1
- E-Mail link for SUSE-SU-2018:2789-1
- SUSE Security Ratings
- SUSE Bug 1100053
- SUSE CVE CVE-2018-10886 page
Описание
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate is not about any specific product, protocol, or design, that falls into the scope of the assigning CNA. Notes: None
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:ant-1.7.1-20.11.5.1
SUSE Linux Enterprise Server 11 SP4:ant-trax-1.7.1-16.11.5.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:ant-1.7.1-20.11.5.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:ant-trax-1.7.1-16.11.5.1
Ссылки
- CVE-2018-10886
- SUSE Bug 1100053