Summary: | <dev-java/commons-beanutils-1.9.4: Improper access restriction on classloader (CVE-2019-10086) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | normal | CC: | fordfrog, java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e | ||
See Also: | https://github.com/gentoo/gentoo/pull/20553 | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 823824 | ||
Bug Blocks: | 785943, 788109 |
Description
Sam James
2020-08-28 03:14:34 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=553539eb9d5c7409668481e510623db9f457f3e6 commit 553539eb9d5c7409668481e510623db9f457f3e6 Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2021-04-27 09:13:13 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2021-04-27 11:29:48 +0000 dev-java/commons-beanutils: bump to 1.9.4 Bug: https://bugs.gentoo.org/739346 Package-Manager: Portage-3.0.18, Repoman-3.0.2 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Closes: https://github.com/gentoo/gentoo/pull/20553 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/commons-beanutils/Manifest | 1 + .../commons-beanutils-1.9.4.ebuild | 69 ++++++++++++++++++++++ 2 files changed, 70 insertions(+) we still have some tests failing, will try to fix that later... Looks like stabilization was done in bug 832341. Tree is clean. |