Bug#852029: netbeans: CVE-2016-5537: Import directory traversal
Markus Koschany
apo at debian.org
Sun Jan 22 20:28:31 UTC 2017
On Fri, 20 Jan 2017 21:34:16 +0100 Salvatore Bonaccorso
<carnil at debian.org> wrote:
> Source: netbeans
> Version: 8.1+dfsg3-1
> Severity: important
> Tags: security upstream fixed-upstream
> Control: fixed -1 8.2+dfsg1-1
>
> Hi,
>
> the following vulnerability was published for netbeans.
>
> CVE-2016-5537[0]:
Hi,
I must admit I have no idea how to fix this in 8.1 because I cannot find
any information about what specific part of Netbeans is affected and
whether a minimal patch exists. It is also not clear if 8.2 in
experimental is affected or not because I had to replace several modules
with the ones shipped in 8.1 otherwise the package won't even compile.
Regards,
Markus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20170122/67a1bb68/attachment.sig>
More information about the pkg-java-maintainers
mailing list