Overview

File _patchinfo of Package patchinfo.12347

<patchinfo incident="12347">
  <issue tracker="bnc" id="1146657">VUL-0: CVE-2019-10086: apache-commons-beanutils: In 1.9.2, a BeanIntrospector class was added to thwart CVE-2014-0224 but is not used by default</issue>
  <issue tracker="cve" id="2019-10086"/>
  <category>security</category>
  <rating>important</rating>
  <packager>pmonrealgonzalez</packager>
  <description>This update for apache-commons-beanutils fixes the following issues:

Security issue fixed:

- CVE-2019-10086: Added special BeanIntrospector class which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects (bsc#1146657).
</description>
  <summary>Security update for apache-commons-beanutils</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places