SUSE-RU-2012:1631-1: Recommended update for ant

sle-updates at lists.suse.com sle-updates at lists.suse.com
Fri Dec 7 17:08:47 MST 2012


   SUSE Recommended Update: Recommended update for ant
______________________________________________________________________________

Announcement ID:    SUSE-RU-2012:1631-1
Rating:             low
References:         #763820 #785695 
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
______________________________________________________________________________

   An update that solves one vulnerability and has one errata
   is now available.

Description:


   This update for ant adds a fix for the following reports
   for ant:

   * 785695: RPM task converts dashes (-) to underscores
   (_)

   In addition, a security fix for a denial of service via
   specially crafted  input has been added (CVE-2012-2098)

   Security Issue reference:

   * CVE-2012-2098
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098
   >


Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-ant-7029

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-ant-7029

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-ant-7029

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch):

      ant-1.7.0-200.26.1
      ant-antlr-1.7.0-200.26.1
      ant-antlr-1.7.0-200.26.2
      ant-apache-bcel-1.7.0-200.26.1
      ant-apache-bcel-1.7.0-200.26.2
      ant-apache-bsf-1.7.0-200.26.1
      ant-apache-bsf-1.7.0-200.26.2
      ant-apache-log4j-1.7.0-200.26.1
      ant-apache-log4j-1.7.0-200.26.2
      ant-apache-oro-1.7.0-200.26.1
      ant-apache-oro-1.7.0-200.26.2
      ant-apache-regexp-1.7.0-200.26.1
      ant-apache-regexp-1.7.0-200.26.2
      ant-apache-resolver-1.7.0-200.26.1
      ant-apache-resolver-1.7.0-200.26.2
      ant-commons-logging-1.7.0-200.26.1
      ant-commons-logging-1.7.0-200.26.2
      ant-javadoc-1.7.0-200.26.1
      ant-javamail-1.7.0-200.26.1
      ant-javamail-1.7.0-200.26.2
      ant-jdepend-1.7.0-200.26.1
      ant-jdepend-1.7.0-200.26.2
      ant-jmf-1.7.0-200.26.1
      ant-jmf-1.7.0-200.26.2
      ant-junit-1.7.0-200.26.1
      ant-junit-1.7.0-200.26.2
      ant-manual-1.7.0-200.26.1
      ant-nodeps-1.7.0-200.26.1
      ant-nodeps-1.7.0-200.26.2
      ant-scripts-1.7.0-200.26.1
      ant-swing-1.7.0-200.26.1
      ant-swing-1.7.0-200.26.2
      ant-trax-1.7.0-200.26.2

   - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch):

      ant-1.7.0-200.26.1
      ant-trax-1.7.0-200.26.2

   - SUSE Linux Enterprise Server 11 SP2 (noarch):

      ant-1.7.0-200.26.1
      ant-trax-1.7.0-200.26.1
      ant-trax-1.7.0-200.26.2


References:

   http://support.novell.com/security/cve/CVE-2012-2098.html
   https://bugzilla.novell.com/763820
   https://bugzilla.novell.com/785695
   http://download.novell.com/patch/finder/?keywords=6b595a1f678c5b49bab15e9f5517fac2



More information about the sle-updates mailing list