USN-1298-1: Apache Commons Daemon vulnerability
12 December 2011
Apache Commons Daemon would allow unintended access to files over the network.
- commons-daemon - wrapper to launch Java applications as daemons
Wilfried Weissmann discovered that Apache Commons Daemon incorrectly
dropped capabilities after starting. A remote attacker could possibly use
this flaw to read certain files, bypassing the intended permissions.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart applications which use
Apache Commons Daemon, such as the Jetty web server, to make all the