[RAT-214] Update commons-compress and apache-ant due to security problems - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.11
Fix Version/s: 0.12
Component/s: None
Labels:
None

Description

Try to update

commons-compress
apache-ant
due to possible security problems.

Context

Algorithmic complexity vulnerability in the sorting algorithms in
bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons
Compress before 1.4.1 and Apache Ant before 1.8.4 allows remote
attackers to cause a denial of service (CPU consumption) via a file with
many repeating inputs.

Attachments

Activity

People

Assignee:: Philipp Ottlinger

Reporter:: Philipp Ottlinger

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 14/Mar/16 20:45

Updated:: 15/Mar/16 06:23

Resolved:: 14/Mar/16 20:50