From Salvatore Bonaccorso@21:1/5 to All on Wed Feb 21 21:00:01 2024
Source: libcommons-compress-java
Version: 1.25.0-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Control: found -1 1.22-1
Control: found -1 1.20-1
Hi,
The following vulnerability was published for libcommons-compress-java.
CVE-2024-25710[0]:
| Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability
| in Apache Commons Compress.This issue affects Apache Commons
| Compress: from 1.3 through 1.25.0. Users are recommended to upgrade
| to version 1.26.0 which fixes the issue.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.