Bug#893663: freeplane: CVE-2018-1000069 XXE vulnerability

Salvatore Bonaccorso carnil at debian.org
Wed Mar 21 06:09:53 UTC 2018


For reference: the issue is linked from the security advisory page at
https://www.freeplane.org/wiki/index.php/Fixed_security_vulnerabilities
. Ahtough there is unfortunately no reference to the fixing commit
(which wuould have been good for downstreams to help), we know the
versions fixed are 1.5.20 and 1.6.1_17.

That might help identifying the required fix.

HTH,

Regards,
Salvatore



More information about the pkg-java-maintainers mailing list