openSUSE-SU-2021:2565-1

Опубликовано: 29 июл. 2021

Источник: suse-cvrf

Описание

Security update for fastjar

This update for fastjar fixes the following issues:

CVE-2010-2322: Fixed a directory traversal vulnerabilities. (bsc#1188517)

Список пакетов

openSUSE Leap 15.3

fastjar-0.98-3.6.2

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OHWHBBR2CBRHE7HR6PAPJLGHP3QCHYHS/
E-Mail link for openSUSE-SU-2021:2565-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1188517
SUSE Bug 1188517
https://www.suse.com/security/cve/CVE-2010-2322/
SUSE CVE CVE-2010-2322 page

Описание

Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.

Затронутые продукты

openSUSE Leap 15.3:fastjar-0.98-3.6.2

Ссылки

https://www.suse.com/security/cve/CVE-2010-2322.html
CVE-2010-2322
https://bugzilla.suse.com/1188517
SUSE Bug 1188517

openSUSE-SU-2021:2565-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2010-2322

Описание

Затронутые продукты

Ссылки