shiro 1.3.2-5 source package in Ubuntu
Changelog
shiro (1.3.2-5) unstable; urgency=medium
* Team upload.
* Update patch for Spring Framework 4.3.x build failure.
* Cherry-pick upstream patch with Guice improvements.
* CVE-2020-1957: Fix a path-traversal issue where a specially-crafted request
could cause an authentication bypass. (Closes: #955018)
* CVE-2020-11989: Fix an encoding issue introduced in the handling of the
previous CVE-2020-1957 path-traversal issue which could have also caused an
authentication bypass.
* CVE-2020-13933: Fix an authentication bypass resulting from a specially
crafted HTTP request. (Closes: #968753)
* CVE-2020-17510: Fix an authentication bypass resulting from a specially
crafted HTTP request.
-- Roberto C. Sánchez <email address hidden> Fri, 27 Aug 2021 13:10:19 -0400
Upload details
- Uploaded by:
- Debian Java Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Debian Java Maintainers
- Architectures:
- all
- Section:
- misc
- Urgency:
- Medium Urgency
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| shiro_1.3.2-5.dsc | 2.2 KiB | 3dc9863e96e8339b19f286c6f376be0f81d5e7b9a85912ba61f972b468b1169c |
| shiro_1.3.2.orig.tar.xz | 467.7 KiB | ae9a3f73a64c05148de9a6c3c09852d3909add94776d47032ec8ff8befed8c5e |
| shiro_1.3.2-5.debian.tar.xz | 20.2 KiB | 949fd3320047c46b1aac4a1c39a7c053561738c5b10e4633585c0daa06966730 |
Available diffs
- diff from 1.3.2-4 to 1.3.2-5 (18.5 KiB)
No changes file available.
Binary packages built by this source
- libshiro-java: Apache Shiro - Java Security Framework
Apache Shiro is a powerful and flexible open-source security framework
that cleanly handles authentication, authorization, enterprise session
management, single sign-on and cryptography services.
