Summary: | dev-util/checkstyle: XML External Entity Injection due to an incomplete fix for CVE-2019-9658 (CVE-2019-10782) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2020-02-25 00:53:21 UTC
@maintainer(s): ping Non-vulnerable versions depend on dev-java/saxon-10.6 which is not in ::gentoo. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=446785d0cb1fa2fc2838cc450189797e0de5aba0 commit 446785d0cb1fa2fc2838cc450189797e0de5aba0 Author: Jakov Smolić <jsmolic@gentoo.org> AuthorDate: 2022-05-29 07:20:57 +0000 Commit: Jakov Smolić <jsmolic@gentoo.org> CommitDate: 2022-05-29 07:20:57 +0000 dev-util/checkstyle: treeclean Bug: https://bugs.gentoo.org/710750 Closes: https://bugs.gentoo.org/828453 Bug: https://bugs.gentoo.org/680516 Closes: https://bugs.gentoo.org/436226 Signed-off-by: Jakov Smolić <jsmolic@gentoo.org> dev-util/checkstyle/Manifest | 1 - dev-util/checkstyle/checkstyle-7.2-r1.ebuild | 67 ---------------------------- dev-util/checkstyle/metadata.xml | 12 ----- profiles/package.mask | 5 --- 4 files changed, 85 deletions(-) Thanks, all done! |