[go: up one dir, main page]
|
|
Log in / Subscribe / Register

Debian alert DLA-1299-1 (libjgraphx-java)



From:
    	      Chris Lamb <lamby@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 1299-1] libjgraphx-java security update 


Date:
    	      Sun, 04 Mar 2018 22:38:34 +0000


Message-ID:
    	      <1520203114.3417908.1291232936.45319097@webmail.messagingengine.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libjgraphx-java
Version        : 1.4.1.0-3+deb7u1
CVE ID         : CVE-2017-18197
Debian Bug     : #891796

It was discovered that there was a potential XML External Entity (XXE)
attack in libjgraphx-java, a diagramming library for Java applications.

For Debian 7 "Wheezy", this issue has been fixed in libjgraphx-java version
1.4.1.0-3+deb7u1.

We recommend that you upgrade your libjgraphx-java packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqcdUgACgkQHpU+J9Qx
HlhH6w//fyC70snYcOyvczzN3utsYlTuqXiLEXphqzT6QH6vUJq27sj7ya6B5uRX
BZsKTFt7TvpELlhcSAOsBRlhFXiKXNRnvXedKgpouZjnX7+XUWMXL4mX2pM0H01O
A6W+1+AtnGZJffPVmbTAQQ5aFurWtUxocEayrmBBdWKUHb3DfcddW5wSQRjBvccg
jVBK9f9vygDheiNJDv6rxCoa09VgagkRPELfpmWP6wZZdCOHyxQ1ILpUmgbYoPsn
e/tfGeGM7bbmcVZkMi39fXeqvRBr5qBchcBUHBeS/5f1anVyy4bJl/mYVDUCzD5e
1JM6fJA0yBGJxtIlK1b485iU/s1YjjLgSiJftZhT1aQQGhpL5GunkUyr+q3hCIqP
6Cha/gU+I83MpFmEBKUP0LT5DGHaFHYW40lDMdlhJcqg61WlfO1c03WS7Tj2bm29
1Gql3670hVBcJKEbVGVrpUebATlgazI3ZvA+eaq7NbZEFZtC3CNJ+sLPajBYKpMm
ZiJ5QcExLWL1JY/2cliR4bFIwQa7XfgkFTVBdWYAfZzGBycufojhJTAo6OYcwcWp
MhhKcHNVUaHGjjg/+b5cNo19pqHL866aesIPa5uNoYiVscoX6F8Apl/JasJHYw7q
pX8aSGnp/MSEJ567kyE3iM/k7Vzzgz6yzyZ4+IgcaMHyuxuSSfo=
=V/n4
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds