Unsubscribe Daniel On Feb 8, 2014 1:00 AM, "Florian Weimer" <f...@deneb.enyo.de> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - ------------------------------------------------------------------------- > Debian Security Advisory DSA-2856-1 secur...@debian.org > http://www.debian.org/security/ Florian Weimer > February 07, 2014 http://www.debian.org/security/faq > - ------------------------------------------------------------------------- > > Package : libcommons-fileupload-java > Vulnerability : denial of service > Problem type : remote > Debian-specific: no > CVE ID : CVE-2014-0050 > > It was discovered that the Apache Commons FileUpload package for Java > could enter an infinite loop while processing a multipart request with > a crafted Content-Type, resulting in a denial-of-service condition. > > For the oldstable distribution (squeeze), this problem has been fixed in > version 1.2.2-1+deb6u2. > > For the stable distribution (wheezy), this problem has been fixed in > version 1.2.2-1+deb7u2. > > For the unstable distribution (sid), this problem has been fixed in > version 1.3.1-1. > > We recommend that you upgrade your libcommons-fileupload-java packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: http://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.12 (GNU/Linux) > > iQEcBAEBAgAGBQJS9WToAAoJEL97/wQC1SS+IcIH/18AS3UkkZtLgZcEGpBeBEM+ > OX00IRYPc3emFQcB3ZUUeiYGtq3aAEKYTW5wd8tAA04K4wUMdcV70oUxnFEeUcLl > ir0b4rIM/ozB86iBN95jmgQzY7pdx703tvhA7CQlNdC0WTEPFHW7yrGksrAk5rTv > zw5NlN3Hi9McYH+kigp6ULoNavWfByNM7i7xNb7tPCulF0MnIyhfg0ewxgg+QfYj > RB0V5U/jSW77n0E/Ft9MX5cthViwaCxYREJoXgSIDid/OYyNIE3aZuB+KKFDwPGw > /dkC+QIE6Zbeesx73YBo+oCEKulGE1UOutjrHy/vnV+mvZklmvChyZEyaGjIG5w= > =noFV > -----END PGP SIGNATURE----- > > > -- > To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > Archive: http://lists.debian.org/87y51mil6r....@mid.deneb.enyo.de > >