|
From: | Julien Lepiller |
Subject: | bug#47342: java-xstream@1.4.15 is vulnerable to CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350 and CVE-2021-21351 |
Date: | Tue, 23 Mar 2021 23:31:32 +0100 |
Le Tue, 23 Mar 2021 15:33:26 +0100, Léo Le Bouter via Bug reports for GNU Guix <bug-guix@gnu.org> a écrit : > Upstream has made a release: 1.4.16 - which fixes all the issues, > following is an unfinished patchset that fixes the issues, java- > mxparser package does not build and help from some more experienced > Java packagers is welcome to fix and push this patchset. Pushed as 4490dff98c6979a77f3982716239b526e0ef1337 to 8b2b5463963d5d4dee480b0cf73fa4a9eca414ba to master, with changes discussed on IRC. Thanks a lot for noticing it!
[Prev in Thread] | Current Thread | [Next in Thread] |