UbuntuUpdates.org

Package "libcommons-fileupload-java"

Name: libcommons-fileupload-java

Description:

File upload capability to your servlets and web applications
Latest version: 1.2.2-1ubuntu0.12.04.2
Release: precise (12.04)
Level: updates
Repository: universe
Homepage: http://commons.apache.org/fileupload/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libcommons-fileupload-java"

All arch deb package
APT INSTALL

Other versions of "libcommons-fileupload-java" in Precise

Repository Area Version
base universe 1.2.2-1
security universe 1.2.2-1ubuntu0.12.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.2.2-1ubuntu0.12.04.2 2013-11-15 19:06:25 UTC

  libcommons-fileupload-java (1.2.2-1ubuntu0.12.04.2) precise-security; urgency=low

  * SECURITY REGRESSION: missing jar file (LP: #1251340)
    - debian/libcommons-fileupload-java.poms: maven-debian-helper 1.5 in
      precise doesn't automatically install to /usr/share/java unless the
      --java-lib option is specified in the .poms file. The package had
      not been rebuilt in the archive since that change, introducing a
      regression in the security update.
 -- Marc Deslauriers <email address hidden> Fri, 15 Nov 2013 12:00:34 -0500
Source diff to previous version
1251340 Missing jar file in 1.2.2-1ubuntu0.12.04.1

Version: 1.2.2-1ubuntu0.12.04.1 2013-11-13 16:07:10 UTC

  libcommons-fileupload-java (1.2.2-1ubuntu0.12.04.1) precise-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via poison null byte
    - debian/patches/CVE-2013-2186.patch: properly validate repository in
      src/java/org/apache/commons/fileupload/disk/DiskFileItem.java.
    - CVE-2013-2186
 -- Marc Deslauriers <email address hidden> Thu, 07 Nov 2013 09:48:15 -0500
CVE-2013-2186 The DiskFileItem class in Apache Commons FileUpload, as used in Red ...


About   -   Send Feedback to @ubuntu_updates