Register | Log in

batik

xml.apache.org SVG Library

Choose email to subscribe with

general

source: batik (main)
version: 1.17+dfsg-1
maintainer: Debian Java Maintainers (archive) (DMD)
uploaders: Wolfgang Baer [DMD] – Pierre Gruet [DMD] – Vincent Fourmond [DMD]
arch: all
std-ver: 4.6.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.10-2+deb10u1
o-o-sec: 1.10-2+deb10u3
oldstable: 1.12-4+deb11u2
old-sec: 1.12-4+deb11u1
stable: 1.16+dfsg-1+deb12u1
testing: 1.17+dfsg-1
unstable: 1.17+dfsg-1

versioned links

1.10-2+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.10-2+deb10u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12-4+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12-4+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.16+dfsg-1+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.17+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libbatik-java (1 bugs: 0, 0, 1, 0)

action needed

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2023-09-13 Last update: 2023-11-30 11:00

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2023-08-25 Last update: 2023-08-25 04:31

4 low-priority security issues in bullseye low

There are 4 open security issues in bullseye.

4 issues left for the package maintainer to handle:

CVE-2020-11987: (needs triaging) Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
CVE-2022-38398: (needs triaging) Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
CVE-2022-38648: (needs triaging) Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
CVE-2022-40146: (needs triaging) Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2023-10-15 01:35

news

[2023-10-14] Accepted batik 1.10-2+deb10u3 (source) into oldoldstable (Bastien Roucariès) (signed by: Bastien ROUCARIÈS)
[2023-09-25] Accepted batik 1.12-4+deb11u2 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Pierre Gruet)
[2023-09-25] Accepted batik 1.16+dfsg-1+deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Pierre Gruet)
[2023-08-29] batik 1.17+dfsg-1 MIGRATED to testing (Debian testing watch)
[2023-08-24] Accepted batik 1.17+dfsg-1 (source) into unstable (Pierre Gruet)
[2022-11-05] Accepted batik 1.12-4+deb11u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Markus Koschany)
[2022-11-02] batik 1.16+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-10-29] Accepted batik 1.12-4+deb11u1 (source) into stable-security (Debian FTP Masters) (signed by: Markus Koschany)
[2022-10-29] Accepted batik 1.10-2+deb10u2 (source) into oldstable (Markus Koschany)
[2022-10-27] Accepted batik 1.16+dfsg-1 (source) into unstable (Pierre Gruet)
[2022-10-01] batik 1.15+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-09-25] Accepted batik 1.15+dfsg-1 (source) into unstable (Pierre Gruet)
[2022-07-24] batik 1.14-2 MIGRATED to testing (Debian testing watch)
[2022-07-18] Accepted batik 1.14-2 (source) into unstable (Pierre Gruet)
[2021-12-02] batik 1.14-1 MIGRATED to testing (Debian testing watch)
[2021-11-27] Accepted batik 1.14-1 (source) into unstable (tony mancill)
[2020-09-28] batik 1.12-4 MIGRATED to testing (Debian testing watch)
[2020-09-23] Accepted batik 1.12-4 (source) into unstable (Sudip Mukherjee)
[2020-09-11] batik 1.12-3 MIGRATED to testing (Debian testing watch)
[2020-09-05] Accepted batik 1.12-3 (source) into unstable (Sudip Mukherjee)
[2020-09-04] Accepted batik 1.12-2 (source) into unstable (Sudip Mukherjee)
[2020-07-22] batik 1.12-1.1 MIGRATED to testing (Debian testing watch)
[2020-07-15] Accepted batik 1.12-1.1 (source) into unstable (Emilio Pozuelo Monfort)
[2020-07-11] Accepted batik 1.10-2+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Emilio Pozuelo Monfort)
[2020-07-11] Accepted batik 1.8-4+deb9u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Emilio Pozuelo Monfort)
[2020-02-22] batik 1.12-1 MIGRATED to testing (Debian testing watch)
[2020-02-16] Accepted batik 1.12-1 (source) into unstable (Mathieu Malaterre)
[2018-12-25] batik 1.10-2 MIGRATED to testing (Debian testing watch)
[2018-12-19] Accepted batik 1.10-2 (source) into unstable (Emmanuel Bourg)
[2018-06-03] Accepted batik 1.7+dfsg-5+deb8u1 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Markus Koschany)

1
2

bugs [bug history graph]

all: 1
RC: 0
I&N: 0
M&W: 1
F&P: 0
patch: 1

links

homepage
lintian (0, 1)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.17+dfsg-1
4 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing