Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:2635-1

Опубликовано: 06 авг. 2021
Источник: suse-cvrf

Описание

Security update for fastjar

This update for fastjar fixes the following issues:

  • CVE-2010-2322: Fixed a directory traversal vulnerabilities. (bsc#1188517)

Список пакетов

Image SLES12-SP4-SAP-Azure
fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-Azure-BYOS
fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-EC2-HVM
fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-GCE
fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-GCE-BYOS
fastjar-0.98-22.3.1
Image SLES12-SP5-Azure-SAP-BYOS
fastjar-0.98-22.3.1
Image SLES12-SP5-Azure-SAP-On-Demand
fastjar-0.98-22.3.1
Image SLES12-SP5-EC2-SAP-BYOS
fastjar-0.98-22.3.1
Image SLES12-SP5-EC2-SAP-On-Demand
fastjar-0.98-22.3.1
Image SLES12-SP5-GCE-SAP-BYOS
fastjar-0.98-22.3.1
Image SLES12-SP5-GCE-SAP-On-Demand
fastjar-0.98-22.3.1
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
fastjar-0.98-22.3.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
fastjar-0.98-22.3.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
fastjar-0.98-22.3.1
SUSE Linux Enterprise Server 12 SP5
fastjar-0.98-22.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
fastjar-0.98-22.3.1

Ссылки

Описание

Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.

Затронутые продукты
Image SLES12-SP4-SAP-Azure-BYOS:fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:fastjar-0.98-22.3.1
Image SLES12-SP4-SAP-Azure:fastjar-0.98-22.3.1
Ссылки