Ubuntu
batik package

batik 1.12-1ubuntu0.1 source package in Ubuntu

Changelog

batik (1.12-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Server-Side Request Forgery
    - debian/patches/CVE-2019-17566.patch: BATIK-1276: Allow blocking of
      external resources.
    - debian/patches/CVE-2020-11987.patch: BATIK-1284: Dont load DTDs in
      NodePickerPanel.
    - debian/patches/CVE-2022-38398.patch: BATIK-1331: Jar url should be
      blocked by DefaultExternalResourceSecurity.
    - debian/patches/CVE-2022-38648.patch: BATIK-1333: Block external
      resource before calling fop.
    - debian/patches/CVE-2022-40146.patch: BATIK-1335: Jar url should be
      blocked by DefaultScriptSecurity.
    - debian/patches/CVE-2022-41704.patch: BATIK-1338: Block loading jar
      inside svg.
    - debian/patches/CVE-2022-42890.patch: BATIK-1345: Restrict what java
      classes can be run thru rhino.
    - CVE-2019-17566
    - CVE-2020-11987
    - CVE-2022-38398
    - CVE-2022-38648
    - CVE-2022-40146
    - CVE-2022-41704
    - CVE-2022-42890

 -- Paulo Flabiano Smorigo <email address hidden>  Tue, 23 May 2023 15:47:40 -0300

Upload details

Uploaded by:
Paulo Flabiano Smorigo
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
java
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates universe misc
Focal security universe misc

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
batik_1.12.orig.tar.xz 4.1 MiB 0d40dfe6bf6ca13082678576332747ee045a1d387432709e2095f07cfd2c006c
batik_1.12-1ubuntu0.1.debian.tar.xz 34.7 KiB 21f5eb5646e2b5eedf7612233bb49e7071a23684577da05e22e9cb47880f9f36
batik_1.12-1ubuntu0.1.dsc 2.2 KiB 481e239175968cc75f6e77c69adca859e93944dcbbe349c073d4e2cd8b97a748

View changes file

Binary packages built by this source

libbatik-java: xml.apache.org SVG Library

 Batik is a toolkit for applications or applets that want to use images
 in the Scalable Vector Graphics (SVG) format for various purposes, such
 as viewing, generation or manipulation.
 .
 Batik provides several modules to be used in applications:
  * A SVG generator module, usable to export graphics into the SVG format.
  * A SVG processor and SVG Viewing component for integrating SVG viewing.
  * A module to convert SVG to various formats, such as raster images
    (JPEG, PNG or Tiff) and PS, PDF.
 .
 fop is necessary for PDF output of rasterizer.
 .
 rhino is necessary for using the SVG browser, squiggle.
 .
 For detailed information, go to http://xml.apache.org/batik/