Uploaded image for project: 'Apache Rat'
  1. Apache Rat
  2. RAT-214

Update commons-compress and apache-ant due to security problems

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.11
    • 0.12
    • None
    • None

    Description

      Try to update

      • commons-compress
      • apache-ant
        due to possible security problems.

      Context

      Algorithmic complexity vulnerability in the sorting algorithms in
      bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons
      Compress before 1.4.1 and Apache Ant before 1.8.4 allows remote
      attackers to cause a denial of service (CPU consumption) via a file with
      many repeating inputs.

      Attachments

        Activity

          People

            pottlinger Philipp Ottlinger
            pottlinger Philipp Ottlinger
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: