Overview

File _patchinfo of Package patchinfo.2065

<patchinfo incident="2065">
  <issue id="967593" tracker="bnc">CVE-2016-2510: bsh2: remote code execution vulnerability via deserialization</issue>
  <issue id="CVE-2016-2510" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>scarabeus_iv</packager>
  <description>
This update for bsh2 fixes the following issues: 

- CVE-2016-2510: An application that includes BeanShell on the
  classpath may be vulnerable if another part of the application uses Java
  serialization or XStream to deserialize data from an untrusted source.

Please see https://github.com/beanshell/beanshell/releases/tag/2.0b6 for more information.
</description>
  <summary>Security update for bsh2</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places