stable
FEDORA-2021-fbad11014a created by didiksupriadi41 10 months ago for Fedora 33
* Mon Oct 04 2021 Didik Supriadi <didiksupriadi41@fedoraproject.org> - 1.4.18-2
- Enable activation, cglib, dom4j, jdom, and jdom2

* Fri Oct 01 2021 Didik Supriadi <didiksupriadi41@fedoraproject.org> - 1.4.18-1
- Update to version 1.4.18

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2021-fbad11014a

This update has been submitted for testing by didiksupriadi41.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago

This update has been submitted for stable by bodhi.

10 months ago

This update has been pushed to stable.

10 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
10 months ago
BZ#1908833 CVE-2020-26258 xstream: Server-Side Forgery Request vulnerability can be activated when unmarshalling [fedora-all]
0
0
BZ#1908838 CVE-2020-26259 xstream: arbitrary file deletion on the local host when unmarshalling [fedora-all]
0
0
BZ#1942540 CVE-2021-21341 xstream: allow a remote attacker to cause DoS only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942547 CVE-2021-21342 xstream: SSRF via crafted input stream [fedora-all]
0
0
BZ#1942551 CVE-2021-21343 xstream: arbitrary file deletion on the local host via crafted input stream [fedora-all]
0
0
BZ#1942556 CVE-2021-21344 xstream: arbitrary code execution via crafted input stream [fedora-all]
0
0
BZ#1942560 CVE-2021-21345 xstream: allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942579 CVE-2021-21346 xstream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942631 CVE-2021-21347 xstream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942634 CVE-2021-21348 xstream: ReDoS vulnerability [fedora-all]
0
0
BZ#1942636 CVE-2021-21349 xstream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host [fedora-all]
0
0
BZ#1942638 CVE-2021-21350 xstream: allow a remote attacker to execute arbitrary code only by manipulating the processed input stream [fedora-all]
0
0
BZ#1942643 CVE-2021-21351 xstream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream [fedora-all]
0
0
BZ#1966736 CVE-2021-29505 xstream: remote command execution attack by manipulating the processed input stream [fedora-all]
0
0
BZ#1997764 CVE-2021-39139 xstream: vulnerable to an arbitrary code execution attack by manipulating the processed input stream with type information [fedora-all]
0
0
BZ#1997767 CVE-2021-39140 xstream: DoS by manipulating the processed input stream [fedora-all]
0
0
BZ#1997770 CVE-2021-39141 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997773 CVE-2021-39144 xstream: vulnerable to a remote command execution attack [fedora-all]
0
0
BZ#1997776 CVE-2021-39145 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997778 CVE-2021-39146 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997780 CVE-2021-39147 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997782 CVE-2021-39148 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997785 CVE-2021-39149 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997788 CVE-2021-39150 xstream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host [fedora-all]
0
0
BZ#1997792 CVE-2021-39151 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997794 CVE-2021-39152 xstream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host [fedora-all]
0
0
BZ#1997796 CVE-2021-39153 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0
BZ#1997802 CVE-2021-39154 xstream: vulnerable to an arbitrary code execution attack [fedora-all]
0
0

Automated Test Results