Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in apache-commons-collections
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in apache-commons-collections
ID: FEDORA-2016-0c5838abc5
Distribution: Fedora
Plattformen: Fedora 23
Datum: So, 3. April 2016, 17:43
Referenzen: Keine Angabe

Originalnachricht

Name        : apache-commons-collections
Product : Fedora 23
Version : 3.2.2
Release : 3.fc23
URL : http://commons.apache.org/collections/
Summary : Provides new interfaces, implementations and utilities for Java
Collections
Description :
The introduction of the Collections API by Sun in JDK 1.2 has been a
boon to quick and effective Java programming. Ready access to powerful
data structures has accelerated development by reducing the need for
custom container classes around each core object. Most Java2 APIs are
significantly easier to use because of the Collections API.
However, there are certain holes left unfilled by Sun's
implementations, and the Jakarta-Commons Collections Component strives
to fulfill them. Among the features of this package are:
- special-purpose implementations of Lists and Maps for fast access
- adapter classes from Java1-style containers (arrays, enumerations) to
Java2-style collections.
- methods to test or create typical set-theory properties of collections
such as union, intersection, and closure.

-------------------------------------------------------------------------------
-
Update Information:

Update to upstream version 3.2.2 which fixes serialization vulnerability
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1316430 - Version 3.2.1 has a CVSS 10.0 vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1316430
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update apache-commons-collections' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung