diff options
| author | Stefano Mazzucco <stefano@curso.re> | 2019-08-10 08:17:20 +0100 |
|---|---|---|
| committer | Stefano Mazzucco <stefano@curso.re> | 2019-08-10 08:28:21 +0100 |
| commit | e26a52a655f706b0d0b9bad32db10141870ee2ba (patch) | |
| tree | 0d87a35baa6e45f9c990958fa65c3ce9670759bd /pkgs/development/python-modules/termplotlib/gnuplot-subprocess.patch | |
| parent | 186d8bd7cc6d7f8f2b0363434f36c6f69277cddb (diff) | |
icedtea_web: 1.7.1 -> 1.8.3
Use the new official repository on GitHub and build the new launcher written in
Rust.
Also fixes the following security vulnerabilities:
- CVE-2019-10185: zip-slip attack during auto-extraction of a JAR file.
- CVE-2019-10181: executable code could be injected in a JAR file without
compromising the signature verification.
- CVE-2019-10182: improper path sanitization from <jar/> elements in JNLP
files.
References:
https://github.com/AdoptOpenJDK/IcedTea-Web/issues/327
Diffstat (limited to 'pkgs/development/python-modules/termplotlib/gnuplot-subprocess.patch')
0 files changed, 0 insertions, 0 deletions
