CVE-2018-10886

NameCVE-2018-10886
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ant (PTS)jessie1.9.4-3vulnerable
stretch1.9.9-1vulnerable
buster, sid1.10.4-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
antsource(unstable)1.10.4-1

Notes

Fixed upstream in 1.9.12 and 1.10.4
https://github.com/apache/ant/commit/e56e54565804991c62ec76dad385d2bdda8972a7
https://github.com/apache/ant/commit/1a2b1e37e3616991588f21efa89c474dd6ff83ff
https://github.com/apache/ant/commit/f72406d53cfb3b3425cc9d000eea421a0e05d8fe
https://github.com/apache/ant/commit/857095da5153fd18504b46f276d84f1e76a66970

Search for package or bug name: Reporting problems