[SECURITY] [DLA 1299-1] libjgraphx-java security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1299-1] libjgraphx-java security update
From: Chris Lamb <lamby@debian.org>
Date: Sun, 04 Mar 2018 22:38:34 +0000
Message-id: <[🔎] 1520203114.3417908.1291232936.45319097@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libjgraphx-java
Version        : 1.4.1.0-3+deb7u1
CVE ID         : CVE-2017-18197
Debian Bug     : #891796

It was discovered that there was a potential XML External Entity (XXE)
attack in libjgraphx-java, a diagramming library for Java applications.

For Debian 7 "Wheezy", this issue has been fixed in libjgraphx-java version
1.4.1.0-3+deb7u1.

We recommend that you upgrade your libjgraphx-java packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqcdUgACgkQHpU+J9Qx
HlhH6w//fyC70snYcOyvczzN3utsYlTuqXiLEXphqzT6QH6vUJq27sj7ya6B5uRX
BZsKTFt7TvpELlhcSAOsBRlhFXiKXNRnvXedKgpouZjnX7+XUWMXL4mX2pM0H01O
A6W+1+AtnGZJffPVmbTAQQ5aFurWtUxocEayrmBBdWKUHb3DfcddW5wSQRjBvccg
jVBK9f9vygDheiNJDv6rxCoa09VgagkRPELfpmWP6wZZdCOHyxQ1ILpUmgbYoPsn
e/tfGeGM7bbmcVZkMi39fXeqvRBr5qBchcBUHBeS/5f1anVyy4bJl/mYVDUCzD5e
1JM6fJA0yBGJxtIlK1b485iU/s1YjjLgSiJftZhT1aQQGhpL5GunkUyr+q3hCIqP
6Cha/gU+I83MpFmEBKUP0LT5DGHaFHYW40lDMdlhJcqg61WlfO1c03WS7Tj2bm29
1Gql3670hVBcJKEbVGVrpUebATlgazI3ZvA+eaq7NbZEFZtC3CNJ+sLPajBYKpMm
ZiJ5QcExLWL1JY/2cliR4bFIwQa7XfgkFTVBdWYAfZzGBycufojhJTAo6OYcwcWp
MhhKcHNVUaHGjjg/+b5cNo19pqHL866aesIPa5uNoYiVscoX6F8Apl/JasJHYw7q
pX8aSGnp/MSEJ567kyE3iM/k7Vzzgz6yzyZ4+IgcaMHyuxuSSfo=
=V/n4
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1297-1] simplesamlphp security update
Next by Date: [SECURITY] [DLA 1300-1] xen security update
Previous by thread: [SECURITY] [DLA 1297-1] simplesamlphp security update
Next by thread: [SECURITY] [DLA 1300-1] xen security update
Index(es):
- Date
- Thread