pool/xmlgraphics-batik
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/Java:packages/xmlgraphics-batik?expand=0&rev=67

Browse Source
This commit is contained in:
Fridrich Strba 2024-03-01 19:58:58 +00:00 committed by Git OBS Bridge
parent 8cf5b19a65
commit f15788ee27
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
xmlgraphics-batik.changes
View File

@ -8,9 +8,10 @@ Fri Mar 1 19:02:03 UTC 2024 - Fridrich Strba <fstrba@suse.com>
(CVE-2022-44729)
- Upgrade to version 1.16
* Java 8 or later is minimum runtime required
* BATIK-1338: Block loading jar inside svg (CVE-2022-41704)
* BATIK-1338: Block loading jar inside svg (CVE-2022-41704,
bsc#1204704)
* BATIK-1345: Restrict what java classes can be run thru rhino
(CVE-2022-42890)
(CVE-2022-42890, bsc#1204709)
- Removed patch:
* xmlgraphics-batik-nosourcetarget.patch
+ not needed since Java 8 compatibility is now the default