pool/apache-commons-compress
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1f23762bd0
apache-commons-compress/commons-compress-1.19-src.tar.gz.asc
Tomáš Chvátal 2c6560db99 Accepting request 726717 from home:pmonrealgonzalez:branches:Java:packages 
- Updated to 1.19 [bsc#1148475, CVE-2019-12402]
  * ZipFile could get stuck in an infinite loop when parsing ZIP archives
    with certain strong encryption headers (CVE-2019-12402).
  * ZipArchiveInputStream and ZipFile will no longer throw an exception if
    an extra field generally understood by Commons Compress is malformed
    but rather turn them into UnrecognizedExtraField instances.  You can
    influence the way extra fields are parsed in more detail by using the
    new getExtraFields(ExtraFieldParsingBehavior) method of ZipArchiveEntry now.
  * Some of the ZIP extra fields related to strong encryption will now
    throw ZipExceptions rather than ArrayIndexOutOfBoundsExceptions in
    certain cases when used directly. There is no practical difference
    when they are read via ZipArchiveInputStream or ZipFile.
  * ParallelScatterZipCreator now writes entries in the same order they have
    been added to the archive.
  * ZipArchiveInputStream and ZipFile are more forgiving when parsing extra
    fields by default now.
  * TarArchiveInputStream has a new lenient mode that may allow it to read
    certain broken archives.
- Rebased patch fix_java_8_compatibility.patch

OBS-URL: https://build.opensuse.org/request/show/726717
OBS-URL: https://build.opensuse.org/package/show/Java:packages/apache-commons-compress?expand=0&rev=12
2019-08-28 12:03:03 +00:00

8 lines
224 B
Plaintext
Raw Blame History

-----BEGIN PGP SIGNATURE-----
iHEEABEKADEWIQTOgHWiUVR77iSbwVGiEVrhX2uLcgUCXWFijBMcYm9kZXdpZ0Bh
cGFjaGUub3JnAAoJEKIRWuFfa4tyNIkAn2gKkMs8N+T5giVT746EDm9sR8ypAKCe
9VpPXdbYTImJ4SYaSH+CUUOIYA==
=vNiG
-----END PGP SIGNATURE-----
Reference in New Issue View Git Blame Copy Permalink