Packages
- fastjar -
Details
Dan Rosenberg discovered that fastjar incorrectly handled file paths
containing ".." when unpacking archives. If a user or an automated system
were tricked into unpacking a specially crafted jar file, arbitrary files
could be overwritten with user privileges.
Dan Rosenberg discovered that fastjar incorrectly handled file paths
containing ".." when unpacking archives. If a user or an automated system
were tricked into unpacking a specially crafted jar file, arbitrary files
could be overwritten with user privileges.
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 9.10 karmic | fastjar – 2:0.98-1ubuntu0.9.10.1 | ||
| 9.04 jaunty | fastjar – 2:0.97-3ubuntu0.1 | ||
| 8.04 hardy | fastjar – 2:0.95-1ubuntu2.1 | ||
| 10.04 lucid | fastjar – 2:0.98-1ubuntu0.10.04.1 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.