drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in apache-commons-collections
Name: |
Ausführen beliebiger Kommandos in apache-commons-collections |
|
ID: |
FEDORA-2016-dc3740c56e |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 22 |
|
Datum: |
So, 3. April 2016, 17:42 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
apache-commons-collections |
|
Originalnachricht |
Name : apache-commons-collections Product : Fedora 22 Version : 3.2.2 Release : 3.fc22 URL : http://commons.apache.org/collections/ Summary : Provides new interfaces, implementations and utilities for Java Collections Description : The introduction of the Collections API by Sun in JDK 1.2 has been a boon to quick and effective Java programming. Ready access to powerful data structures has accelerated development by reducing the need for custom container classes around each core object. Most Java2 APIs are significantly easier to use because of the Collections API. However, there are certain holes left unfilled by Sun's implementations, and the Jakarta-Commons Collections Component strives to fulfill them. Among the features of this package are: - special-purpose implementations of Lists and Maps for fast access - adapter classes from Java1-style containers (arrays, enumerations) to Java2-style collections. - methods to test or create typical set-theory properties of collections such as union, intersection, and closure.
------------------------------------------------------------------------------- - Update Information:
Update to upstream version 3.2.2 which fixes serialization vulnerability ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1316430 - Version 3.2.1 has a CVSS 10.0 vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1316430 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update apache-commons-collections' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|