[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2712-1] libjdom1-java security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2712-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
July 20, 2021                                 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libjdom1-java
Version        : 1.1.3-1+deb9u1
CVE ID         : CVE-2021-33813
Debian Bug     : #990672

It was discovered that there was a potential an entity-expansion
issue in libjdom1-java, a lightweight and fast library for using
XML. Attackers could have caused a denial of service via a
specially-crafted HTTP request.

For Debian 9 "Stretch", this problem has been fixed in version
1.1.3-1+deb9u1.

We recommend that you upgrade your libjdom1-java packages.

For the detailed security status of libjdom1-java please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libjdom1-java

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmD2p7cACgkQHpU+J9Qx
Hlhhew/8DTq9ZT9GyQ/qKWFrPU+6KFkq/HVLTwkCcSaa4EV4rXMgppCidR1Yr4PT
u/Uh8n48HXwZzXo2R+a0ok7bgyfE0AMn7aLWBGAc2Y5V0115qmJO0Ou0qErZjhZH
KESh7tWmm2nNUl5nTg3Qe5NGiARIu7PZnjxnWvFhXySjaosZhCtYCA7HgTF5MQwo
1Tcv8BAkkvlIlbD+S0dNMDkIwL5GhK09fwFC1UBv8D+dnc/6r4yfit3aIQSFDN60
hf9FoF6UZI+m0tIgsNN/xwaIA+Vo7KZtRc8MmOmDfJNEMqvrbe02XX/qazwi2ZcB
xffzh73uqLwgQy5LHihzmcX9+dTU2kM0nFz8YLvfKRdiO7nHAUUdvyz2PtZY9vkL
N2pdOnNMyZpmaA1uL+Fp21Vn2kNEWof4u31KaqTINemflzQNk6pQmNiMbJeQ0ryR
QE2Mh+ZaB9Dk6cz7DctPFzOBAOhOznf+G2CdqFEb1krokiKujjEntKYcKFG55CjH
5v+rFWnMVl2xZvDtvoN8VUhXt/9nh6/uV3+7M7KA4tz6ubmsPq/2NsH8MO5YdNfT
6a3p1Nc1ieG/cSDiI5sjsQcHEgNUAbnBy/RmMMJPIb9+UTBFuJeC/NTj7/fkUBDS
HXgTvLT/Ts6TRqI73Nitc5IvSStKjLZ1+5D0TjqodGAX4OiSrT8=
=UwpR
-----END PGP SIGNATURE-----


Reply to: