FEDORA-2021-d894ca87dc created by didiksupriadi41 2 weeks ago for Fedora 34
stable
* Mon Oct 04 2021 Didik Supriadi <didiksupriadi41@fedoraproject.org> - 1.4.18-2
- Enable activation, cglib, dom4j, jdom, and jdom2

* Fri Oct 01 2021 Didik Supriadi <didiksupriadi41@fedoraproject.org> - 1.4.18-1
- Update to version 1.4.18

How to install

sudo dnf upgrade --advisory=FEDORA-2021-d894ca87dc

This update has been submitted for testing by didiksupriadi41.

2 weeks ago

This update's test gating status has been changed to 'ignored'.

2 weeks ago

This update's test gating status has been changed to 'waiting'.

2 weeks ago

This update's test gating status has been changed to 'ignored'.

2 weeks ago

This update has been pushed to testing.

2 weeks ago

This update has been submitted for stable by bodhi.

2 weeks ago

This update has been pushed to stable.

2 weeks ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 weeks ago
in testing
2 weeks ago
in stable
2 weeks ago
BZ#1908833 CVE-2020-26258 xstream: Server-Side Forgery Request vulnerability can be activated when unmarshalling [fedora-all]
0
0
BZ#1908838 CVE-2020-26259 xstream: arbitrary file deletion on the local host when unmarshalling [fedora-all]
0
0
BZ#1942540 CVE-2021-21341 xstream: allow a remote attacker to cause DoS only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942547 CVE-2021-21342 xstream: SSRF via crafted input stream [fedora-all]
0
0
BZ#1942551 CVE-2021-21343 xstream: arbitrary file deletion on the local host via crafted input stream [fedora-all]
0
0
BZ#1942556 CVE-2021-21344 xstream: arbitrary code execution via crafted input stream [fedora-all]
0
0
BZ#1942560 CVE-2021-21345 xstream: allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942579 CVE-2021-21346 xstream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942631 CVE-2021-21347 xstream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942634 CVE-2021-21348 xstream: ReDoS vulnerability [fedora-all]
0
0
BZ#1942636 CVE-2021-21349 xstream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host [fedora-all]
0
0
BZ#1942638 CVE-2021-21350 xstream: allow a remote attacker to execute arbitrary code only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942643 CVE-2021-21351 xstream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream [fedora-all]
0
0
BZ#1966736 CVE-2021-29505 xstream: remote command execution attack by manipulating the processed input stream [fedora-all]
0
0
BZ#1997764 CVE-2021-39139 xstream: vulnerable to an arbitrary code execution attack by manipulating the processed input stream with type information [fedora-all]
0
0
BZ#1997767 CVE-2021-39140 xstream: DoS by manipulating the processed input stream [fedora-all]
0
0
BZ#1997770 CVE-2021-39141 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997773 CVE-2021-39144 xstream: vulnerable to a remote command execution attack [fedora-all]
0
0
BZ#1997776 CVE-2021-39145 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997778 CVE-2021-39146 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997780 CVE-2021-39147 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997782 CVE-2021-39148 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997785 CVE-2021-39149 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997788 CVE-2021-39150 xstream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host [fedora-all]
0
0
BZ#1997792 CVE-2021-39151 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997794 CVE-2021-39152 xstream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host [fedora-all]
0
0
BZ#1997796 CVE-2021-39153 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997802 CVE-2021-39154 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0

Automated Test Results