USN-3280-1: Apache Batik vulnerability

09 May 2017

Apache Batik would allow unintended access to files over the network or could be made to crash.

Releases

Packages

Details

Lars Krapf and Pierre Ernst discovered that Apache Batik incorrectly
handled XML external entities. A remote attacker could possibly use this
issue to obtain sensitive files from the filesystem, or cause a denial of
service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04

In general, a standard system update will make all the necessary changes.

References