UbuntuUpdates.org

Package "libvelocity-tools-java"

Name: libvelocity-tools-java

Description:

collection of useful tools for Velocity template engine

Latest version: 2.0-7ubuntu0.20.04.1
Release: focal (20.04)
Level: security
Repository: universe
Head package: velocity-tools
Homepage: http://velocity.apache.org/tools/

Links


Download "libvelocity-tools-java"


Other versions of "libvelocity-tools-java" in Focal

Repository Area Version
base universe 2.0-7
updates universe 2.0-7ubuntu0.20.04.1

Changelog

Version: 2.0-7ubuntu0.20.04.1 2023-08-10 17:06:59 UTC

  velocity-tools (2.0-7ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: XSS and Code Execution
    - debian/patches/CVE-2020-13959.patch: fixed an XSS in VelocityViewServlet
      module
    - CVE-2020-13959

 -- Amir Naseredini <email address hidden> Thu, 10 Aug 2023 10:06:02 +0100

CVE-2020-13959 The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL. An attac



About   -   Send Feedback to @ubuntu_updates