1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted batik 1.12-4+deb11u1 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Sat Nov 5 16:40:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sat, 29 Oct 2022 16:37:36 CEST
    Source: batik
    Architecture: source
    Version: 1.12-4+deb11u1
    Distribution: bullseye-security
    Urgency: high
    Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
    Changed-By: Markus Koschany <apo@debian.org>
    Checksums-Sha1:
    dabaa965b2e87e35eb94089b25dd77a05fbaa8e5 2338 batik_1.12-4+deb11u1.dsc
    8eb190f841dffc125e673bd6849cc0fc047879ab 4350968 batik_1.12.orig.tar.xz
    3d6716208735405f006513304bf214eb01982509 33520 batik_1.12-4+deb11u1.debian.tar.xz
    2ec6c7ef1030ad54c8bbdff84763f0feee16bd13 15755 batik_1.12-4+deb11u1_amd64.buildinfo
    Checksums-Sha256:
    8101a09bab3955f869a494bcb6ee00b7a039a8502d7f9aa97d9982ce3266e085 2338 batik_1.12-4+deb11u1.dsc
    0d40dfe6bf6ca13082678576332747ee045a1d387432709e2095f07cfd2c006c 4350968 batik_1.12.orig.tar.xz
    f7c983c6a3db84b0d26e2f4e54ac908f2b57235aaf028d82b0e341abd8875e2b 33520 batik_1.12-4+deb11u1.debian.tar.xz
    957384bc2681c7bf552ed739d9754777ad1c6dfb5a97192c64db48b378bedbe4 15755 batik_1.12-4+deb11u1_amd64.buildinfo
    Changes:
    batik (1.12-4+deb11u1) bullseye-security; urgency=high
    .
    * Team upload.
    * Fix CVE-2022-41704 and CVE-2022-42890:
    It was discovered that Apache Batik, an SVG library for Java, allowed
    attackers to run arbitrary Java code by processing a malicious SVG file. Files:
    2319b6cc28a47cd1a7e237e40e3375ed 2338 java optional batik_1.12-4+deb11u1.dsc
    faf8f2171bf66ab4c662c78b3f7adcdc 4350968 java optional batik_1.12.orig.tar.xz
    1213d3a1c2af0a0bbb457671677b4f1e 33520 java optional batik_1.12-4+deb11u1.debian.tar.xz
    58f6fb040d478004420bed1e7ad8ebc1 15755 java optional batik_1.12-4+deb11u1_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmNdOzFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hk88kP/3A51z9UWgMPfHUNn8PnT8BsAArdmaCsVZHb ALXU+7sm5OTtRtEVHJpc6hRQAGokLhCpIGXYstBHkwkNkQSMzBrpk+Y+OJk6XphF NZFf0Mh1HNUosubTzfg5/XQscdAKiVfEVRgD9FmhWCWDgAvsEsII4ucKTe291u2r ZkVzycxMOvEhQb4Klx/8jOaXlkb5ot0OiY3s06SdCIkvqR6SvR+7CITEbbJpIo1w bqInDv7EgnP9Sld/QcVX4ybPS9FxobUjrz2x+ivBICZy1XbrKrNCBMoyhHe/2HmS x1vD00FNxOM3FgYtL8tenR3qmhGErT9V6T2pSbM2O2gDg9ccyl5hYC0HSxr3dRiu sFdq6YNKr4UgAz59m6y1JRtJVyWb4lRbs1asHm/Es0O0RL4hEIMuGf2e0f1XIl1a 2NST8cmc0TzDRbTjq7kmZj6LNN6g2plz4+2jpI8r6p+Gb0EtyXCKCWCOy51NqRBv V4pAQ+6ESZzjOl5D3rLzuDkyprZjR3sNPxcD7MC1sdUo1Bl/qHUjXfHuaLOM5eRy HQePKddRq4db3Dzg0vDtyRe6Ifu+oQd4aEpv8DlUMTV1S+DFRcfFNQRvSlT9Cg28 CKshrFYnbsnYHLV5IvCnCmMU1RfSd/EsPC3WBqeLQrrjk3PNeZmmr3fug5rkjInt
    Iz/TYjMV
    =32ts
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)