Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC

Bug 680516 (CVE-2019-9658)

Summary: dev-util/checkstyle: Checkstyle loads external DTDs by default.
Product: Gentoo Security Reporter: yuLya <gen2xmach1ne>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: IN_PROGRESS ---    
Severity: normal CC: java
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B4 [upstream cve]
Package list:
Runtime testing required: ---

Comment 1 Yury German Gentoo Infrastructure gentoo-dev Security 2019-03-27 03:44:27 UTC
CVE ID: CVE-2019-9658
   Summary: Checkstyle before 8.18 loads external DTDs by default.

Allows unauthorized disclosure of information
Comment 2 Sam James gentoo-dev Security 2020-03-19 01:54:48 UTC
@maintainer(s), please create an appropriate ebuild