drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in Freeplane
Name: |
Preisgabe von Informationen in Freeplane |
|
ID: |
DSA-4175-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie, Debian stretch |
|
Datum: |
Mi, 18. April 2018, 07:55 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000069 |
|
Applikationen: |
Freeplane |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4175-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : freeplane CVE ID : CVE-2018-1000069 Debian Bug : 893663
Wojciech Regula discovered an XML External Entity vulnerability in the XML Parser of the mindmap loader in freeplane, a Java program for working with mind maps, resulting in potential information disclosure if a malicious mind map file is opened.
For the oldstable distribution (jessie), this problem has been fixed in version 1.3.12-1+deb8u1.
For the stable distribution (stretch), this problem has been fixed in version 1.5.18-1+deb9u1.
We recommend that you upgrade your freeplane packages.
For the detailed security status of freeplane please refer to its security tracker page at: https://security-tracker.debian.org/tracker/freeplane
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlrWxN9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TWZQ//e38sUdwj6IZXNKfGIwUhzXXYJEt3Sq4VIBYzUIKz62+vDI6JKtFcfgC9 u+VN8bsClzlJwpsJltJXP8XNObvlXdi+xoD/+KcXhrmj0r7I77ZcfkKmD8L1zeR9 R+4tTVsUjahFELM7WcvNMcRPyIYa/fOYDIWYnzLqdHlCKHAfqDUgAcg4l76K44i5 dLC8JfQNMVe/oH2vR5N+nmZzBml44uURsV+D2We0Fr/q4OBcHtFw8vVziiZ8ZWuu fRyR72sX+pjgmFoa2725D9XnRMVOdaCSc778jiwPVRkvWvc6oFtW1shQ4waWl7WO qQggaU6vLot2M0HYdWVLazT3vX6GyVXFV5d9FfHm2/GCcoz/F84Pjwg3Y01X3hCz VBTZUN6B+1WqvxcXSKS33xPIORmMwQZ0jCa+IgNxKUFlnfvML9lsUXSajBNnSziF 1eDw3/opvqom9jluJsCLdeWiDH2Ya3p0C/jJAwYQGZLZZema9FkPI9D6slydJjUE byAo8gmJKUmlHoWNxieumNDfyqzExvGLEsgcLlRtrJoyO4M4l/Uk2BuauEXEkgim 0AW/5biL/gYBX82c5oDx6w1JiKDyJ/lAKmb0ihHcZsPeVJeHIW+tdR6sEfZOrkdM GZtBt39gzpoUesykcGYRWtHq11gxa3JPBEq/6OD6IgZ6XIwPAYw= =VS6n -----END PGP SIGNATURE-----
|
|
|
|