apache-jena 4.9.0-1 source package in Ubuntu
Changelog
apache-jena (4.9.0-1) unstable; urgency=medium
* New upstream version 4.9.0.
- Fix CVE-2023-22665: (Closes: #1041108)
There is insufficient checking of user queries in Apache Jena versions
4.7.0 and earlier, when invoking custom scripts. It allows a remote user
to execute arbitrary javascript via a SPARQL query.
- Fix CVE-2023-32200: (Closes: #1035952)
There is insufficient restrictions of called script functions in Apache
Jena versions 4.8.0 and earlier. It allows a remote user to execute
javascript via a SPARQL query. This issue affects Apache Jena: from 3.7.0
through 4.8.0.
* B-D on libcaffeine-java and libcommons-collections4-java.
* Ignore org.roaringbitmap:RoaringBitmap artifact. Needs packaging.
* Rebase and update the patches for the new release.
-- Markus Koschany <email address hidden> Thu, 14 Sep 2023 19:21:03 +0200
Upload details
- Uploaded by:
- Debian Java Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Debian Java Maintainers
- Architectures:
- all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Noble | release | universe | misc |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apache-jena_4.9.0-1.dsc | 2.5 KiB | c68e858c8435bc0f3ffee858c9aad713f5cb685a2623429d6410d990b747e5f2 |
| apache-jena_4.9.0.orig.tar.gz | 34.5 MiB | 204c7c02982b4f84e817fbefd07ad9fe6e7ecf3d1e5451686e2bcba290500aef |
| apache-jena_4.9.0-1.debian.tar.xz | 19.0 KiB | 1ad064935e7befcbf667ef1ae32452ffb16363cb6fc554488afcb9afb5d946c2 |
Available diffs
- diff from 4.5.0-2 to 4.9.0-1 (3.2 MiB)
No changes file available.
Binary packages built by this source
- libapache-jena-java: Java framework for building Semantic Web applications
Apache Jena is a Java framework for building Semantic Web and Linked data
applications. It provides an API to extract data from and write to RDF graphs.
The graphs are represented as an abstract "model". A model can be sourced with
data from files, databases, URLs or a combination of these. Jena supports
serialisation of RDF graphs to a relational database, RDF/XML, Turtle and
Notation 3.
