[SECURITY] [DLA 4243-1] batik security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4243-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
July 20, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : batik
Version : 1.12-4+deb11u3
CVE ID : CVE-2020-11987 CVE-2022-38398 CVE-2022-38648 CVE-2022-40146
Debian Bug : 984829 1020589
Multiple cases of Server-Side Request Forgery have been fixed in the
Batik SVG toolkit for Java.
For Debian 11 bullseye, these problems have been fixed in version
1.12-4+deb11u3.
We recommend that you upgrade your batik packages.
For the detailed security status of batik please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/batik
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmh9VNkACgkQiNJCh6LY
mLEaPQ//ebd95SfL7TY/bXWWH7EuKGIp8HsLarYep4wu3TU+dghdKbypMgYyoKY5
4WMI+yMV9k1GZ4YlTJNYhHc/5dF+Emp8umbMKd20WcoIPnqajKKGePwa8aYz7L4f
vZierzWONxGY+aCZE8R8P5SntdrQ2VCOSFi46whx8jNvPSoW7iJT3lsyC35Yqh3v
7CLMREetpSsEiYwmWfZp38u2GaYGD+qiqC61qW+cMFip75UY9BrnXG6nBWwQOvnH
qvj6OPD39hQGZwXp8DRUlt9MX6Y6vIQHrNq2jCU7dzjVjneElE+dd+vYZ4hf4ucL
wy4QEiqoYjfIRGvYLPOkoRicHAiIT/RVNFaF3dXHCMgj+QqdnmUzlVhFYP+kOVO9
H2cmLt9Dh8+HS7Ejk7wS+/1r9C/tA4/+LmroIFLgh/wqX7eSFecZ3c0tTfqX+KK4
3HzPs3Ga8zM8IjAxKdGUgOOFLeaHiNGSleFygtkCIM+8lVlBN8a8/DBHv+2ApaAF
C3WxcQPXiaxmA16U53+se37HuwVt32sPhe3lat9k8oa5Kne/YQpmlVKYbqWWOiGC
8rMhhJgG05hPbBKwELn1KMsp64BZGW64lEGSpc7d87A9/1RUACyMl130aEjZfTmo
0hPKITKKKskbUz5ahoI0m+7V8iDi/+HyZADUl7mTbJUZGjxcpK0=
=4NpM
-----END PGP SIGNATURE-----
Reply to: