This is an automated email from the git hooks/post-receive script.
fnatter-guest pushed a commit to branch stretch-CVE-2018-1000069
in repository freeplane.
commit c358116cf3858f53a7f8e9b43f2bfc5a26515048
Author: Felix Natter <fnat...@gmx.net>
Date: Sun Apr 1 17:56:00 2018 +0200
fix changelog entry
---
debian/changelog | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index a591cc6..0fb9b24 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,11 @@
-freeplane (1.5.18-1+deb9u1) unstable; urgency=medium
+freeplane (1.5.18-1+deb9u1) stretch-security; urgency=high
- * fix CVE-2018-1000069
+ * Fix CVE-2018-1000069: Wojciech ReguĊa discovered that FreePlane was
+ affected by a XML External Entity (XXE) vulnerability in its mindmap
+ loader that could compromise a user's machine by opening a specially
+ crafted mind map file. (Closes: #893663)
- -- Felix Natter <fnat...@gmx.net> Sun, 01 Apr 2018 15:53:49 +0200
+ -- Felix Natter <fnat...@gmx.net> Sun, 01 Apr 2018 17:55:27 +0200
freeplane (1.5.18-1) unstable; urgency=medium
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-java/freeplane.git
_______________________________________________
pkg-java-commits mailing list
pkg-java-comm...@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits
