[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2099-1] checkstyle security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : checkstyle
Version        : 5.9-1+deb8u2
CVE ID         : CVE-2019-10782

Security researchers from Snyk discovered that the fix for CVE-2019-9658
was incomplete. Checkstyle, a development tool to help programmers write
Java code that adheres to a coding standard, was still vulnerable to XML
External Entity (XXE) injection.

For Debian 8 "Jessie", this problem has been fixed in version
5.9-1+deb8u2.

We recommend that you upgrade your checkstyle packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl5BfPpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeQVVRAAuH+ifCihX4W2mpIdJquIsP/0TbGKX9U8cNJ/FWdviIPmM7M8oDrPpKF7
OYhMR9XoZzUCRQToYzOCtbjfHESf3JI6HOQtFN2zVEuQPZUmkcHcl3Bp769GVMX2
TmuDtx5cV8aon/7DDSAZvsGYKCuBGl5c0DWI53DMB1tDYqYj/DT03X/AhMRqkEM/
jrhJ47QmvkBq5g6WOQ2zEhqxEX3t0f0BlbRtIJbIIpvZ87MTZ9FOycNvS7b/xQkS
s3ExSR/LHFJC1r5KEvxsriOea89nvW+ctlDlN2YZC0w6iz5uE7ZrnzzeiGQTbm5y
Ehhozb1WXKHaJ8LWNU5tbbywVInvqvWocmP0DZqIfe9gDEEpQ6yt4ZucZQtW2Z/f
1q3gMNGvO0fI343V/V7Vy7jdkR/Sh/xuIc3ce3c3Xqp+QbaLo7E2mORshcXfEr8w
dz4hESqV687ShMBMpYJRzhjd0/goKTyHydhSMIFscZMB3EPGHBbACPkivHFWolIh
9drrBFlY72XLYum+XRhSOC4VQUFmqY/gN/Ach1IO7yG/HMCs5IQG3vOxDDYBdYMP
p+5UekJU6PklDF3md6Nh0evJ2QWN3OXf3fb4OZzGswGBny0rcs2GBpPNLLTHsasn
Vn7KcwQiAwzJgPzcqhJlbku3qAruSfjgVKQbMTJDMqEeWU3PTKk=
=O9ql
-----END PGP SIGNATURE-----


Reply to: