Package "batik"
| Name: |
batik
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- xml.apache.org SVG Library
|
| Latest version: |
1.14-1ubuntu0.2 |
| Release: |
jammy (22.04) |
| Level: |
updates |
| Repository: |
universe |
Links
Other versions of "batik" in Jammy
Packages in group
Deleted packages are displayed in grey.
Changelog
|
batik (1.14-1ubuntu0.2) jammy-security; urgency=medium
- debian/patches/CVE-2022-38398.patch: BATIK-1331: Jar url should be
blocked by DefaultExternalResourceSecurity.
- debian/patches/CVE-2022-38648.patch: BATIK-1333: Block external
resource before calling fop.
- debian/patches/CVE-2022-40146.patch: BATIK-1335: Jar url should be
blocked by DefaultScriptSecurity.
- debian/patches/CVE-2022-41704.patch: BATIK-1338: Block loading jar
inside svg.
- debian/patches/CVE-2022-42890.patch: BATIK-1345: Restrict what java
classes can be run thru rhino.
- CVE-2022-38398
- CVE-2022-38648
- CVE-2022-40146
- CVE-2022-41704
- CVE-2022-42890
-- Paulo Flabiano Smorigo <email address hidden> Tue, 23 May 2023 15:45:29 -0300
|
| CVE-2022-38398 |
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue a |
| CVE-2022-38648 |
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects A |
| CVE-2022-40146 |
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affec |
| CVE-2022-41704 |
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics pri |
| CVE-2022-42890 |
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML |
|
About
-
Send Feedback to @ubuntu_updates
