Package "shiro"

Links

Other versions of "shiro" in Oracular

Repository	Area	Version
base	universe	1.3.2-5
security	universe	1.3.2-5ubuntu0.24.10.1

Packages in group

Deleted packages are displayed in grey.

• libshiro-java

Changelog

Version: 1.3.2-5ubuntu0.24.10.1	2024-12-10 21:07:08 UTC
shiro (1.3.2-5ubuntu0.24.10.1) oracular-security; urgency=medium   * SECURITY UPDATE: Path traversal through path rewriting and Open Redirect     with form authentication.     - debian/patches/CVE-2023-34478.patch: Check for path traversal values in       .../web/filter/InvalidRequestFilter.java.     - debian/patches/CVE-2023-467xx.patch: Extend path traversal checking       values in .../web/filter/InvalidRequestFilter.java.     - CVE-2023-34478     - CVE-2023-46749     - CVE-2023-46750  -- Hlib Korzhynskyy <email address hidden> Mon, 09 Dec 2024 14:36:39 -0330
CVE-2023-34478 Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used togeth CVE-2023-46749 Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used togethe CVE-2023-46750 URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Sh

---

Share this page

Bookmarks

google-chrome-beta 132.0.6834.46

Latest updates

  Packages changelogs
  Bugs & CVEs

updates

udisks2 (oracular)
udisks2 (oracular)
udisks2 (noble)
udisks2 (noble)
python-cepces (oracular)
python-cepces (noble)
python-tornado (oracular)
python-tornado (noble)
magnum-ui (jammy)
oem-stella-nobisuke-rpl-meta (jammy)
magnum-ui (focal)
intel-microcode (oracular)
intel-microcode (noble)
intel-microcode (jammy)
intel-microcode (focal)
python-libmaas (oracular)
shiro (oracular)
python-libmaas (noble)
linux-restricted-signatures-aws (noble)
linux-restricted-signatures-oracle (noble)
linux-restricted-modules-aws (noble)
linux-restricted-modules-oracle (noble)

security

python-tornado (oracular)
python-tornado (noble)
intel-microcode (oracular)
intel-microcode (noble)
intel-microcode (jammy)
intel-microcode (focal)

proposed

mesa (oracular)
mesa (oracular)

See all

PPA updates

  PPAs

nginx-nr-agent (bionic)
code (stable)
google-chrome-canary (stable)
google-chrome-beta (stable)
thunderbird (wilma)
brave-browser (stable)
firefox (wilma)
firefox (vera)
opera-developer (stable)
code-insiders (stable)
google-chrome-stable (stable)
nginx-module-njs (oracular)
nginx-module-njs (noble)
nginx-module-njs (jammy)
nginx-module-njs (focal)
vivaldi-snapshot (stable)
pglast (jammy-pgdg)
postgresql-unit (jammy-pgdg)
libpg-query (jammy-pgdg)
repmgr (jammy-pgdg)
pgpool2 (jammy-pgdg)
pgbadger (jammy-pgdg)
barman (jammy-pgdg)
pglast (focal-pgdg)
postgresql-unit (focal-pgdg)
libpg-query (focal-pgdg)
repmgr (focal-pgdg)
pgpool2 (focal-pgdg)
pgbadger (focal-pgdg)
barman (focal-pgdg)

See all