TEMP-0904191-9063D5

NameTEMP-0904191-9063D5
DescriptionIncomplete fix for CVE-2018-10886
SourceAutomatically generated temporary name. Not for external reference.
Debian Bugs904191

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ant (PTS)jessie1.9.4-3vulnerable
jessie (security)1.9.4-3+deb8u2fixed
stretch1.9.9-1fixed
stretch (security)1.9.9-1+deb9u1fixed
buster, sid1.10.5-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
antsource(unstable)1.10.5-1904191
antsourcejessie1.9.4-3+deb8u2
antsourcestretch(not affected)

Notes

[stretch] - ant <not-affected> (Incomplete fix for CVE-2018-10886 not applied)
Workaround entry for DLA-1457-1 (as no CVE will be assigned by its CNA)
https://github.com/apache/ant/commit/6a41d62cb9ab4e640b72cb4de42a6c211dea645d
https://github.com/apache/ant/commit/5a8c37b271677587046bfd0fea18c1675d5a6300
https://bz.apache.org/bugzilla/show_bug.cgi?id=62502

Search for package or bug name: Reporting problems