openSUSE-SU-2021:1107-1

Опубликовано: 09 авг. 2021

Источник: suse-cvrf

Описание

Security update for fastjar

This update for fastjar fixes the following issues:

CVE-2010-2322: Fixed a directory traversal vulnerabilities. (bsc#1188517)

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.2

fastjar-0.98-lp152.4.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AJWN7K3ZWIZYG5QW25KKFIGISFYTG2R3/
E-Mail link for openSUSE-SU-2021:1107-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1188517
SUSE Bug 1188517
https://www.suse.com/security/cve/CVE-2010-2322/
SUSE CVE CVE-2010-2322 page

Описание

Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.

Затронутые продукты

openSUSE Leap 15.2:fastjar-0.98-lp152.4.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2010-2322.html
CVE-2010-2322
https://bugzilla.suse.com/1188517
SUSE Bug 1188517

openSUSE-SU-2021:1107-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2010-2322

Описание

Затронутые продукты

Ссылки