Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 16 Update: apache-commons-compress-1.4.1-1.fc16
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Sunday 3rd June 2012 23:26:27 UTC (over 4 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-8465
2012-05-27 01:33:41
--------------------------------------------------------------------------------

Name        : apache-commons-compress
Product     : Fedora 16
Version     : 1.4.1
Release     : 1.fc16
URL         : http://commons.apache.org/compress/
Summary     : Java API for working with tar, zip and bzip2 files
Description :
The code in this component came from Avalon's Excalibur, but originally
from Ant, as far as life in Apache goes. The tar package is originally
Tim Endres' public domain package. The bzip2 package is based on the
work done by Keiron Liddle. It has migrated via:
Ant -> Avalon-Excalibur -> Commons-IO -> Commons-Compress.

--------------------------------------------------------------------------------
Update Information:

Update to 1.4.1, fixing CVE-2012-2098
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 24 2012 Sandro Mathys  - 1.4.1-1
- Updated to 1.4.1
- Fixes CVE-2012-2098 Low: Denial of Service
* Fri Apr 27 2012 Sandro Mathys  - 1.4-1
- Updated to 1.4
* Thu Jan 12 2012 Fedora Release Engineering
 - 1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Nov  1 2011 Sandro Mathys  - 1.3-1
- Updated to 1.3
* Thu Aug  4 2011 Sandro Mathys  - 1.2-2
- Fixing mistake where different versions of the spec file got mixed up
* Thu Aug  4 2011 Sandro Mathys  - 1.2-1
- Updated to 1.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #810406 - CVE-2012-2098 apache-commons-compress: denial of
service flaw when compressing certain files
        https://bugzilla.redhat.com/show_bug.cgi?id=810406
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update apache-commons-compress' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 3ms