Your submission was sent successfully! Close

USN-3280-1: Apache Batik vulnerability

9 May 2017

Apache Batik would allow unintended access to files over the network or could be made to crash.

Releases

Packages

Details

Lars Krapf and Pierre Ernst discovered that Apache Batik incorrectly
handled XML external entities. A remote attacker could possibly use this
issue to obtain sensitive files from the filesystem, or cause a denial of
service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04

In general, a standard system update will make all the necessary changes.

References