batik - Debian Package Tracker

general

source: batik (main)
version: 1.16+dfsg-1
maintainer: Debian Java Maintainers (archive) (DMD)
uploaders: Wolfgang Baer [DMD] – Pierre Gruet [DMD] – Vincent Fourmond [DMD]
arch: all
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.8-4+deb9u2
o-o-sec: 1.8-4+deb9u1
oldstable: 1.10-2+deb10u1
old-sec: 1.10-2+deb10u2
stable: 1.12-4
stable-sec: 1.12-4+deb11u1
testing: 1.16+dfsg-1
unstable: 1.16+dfsg-1

versioned links

1.8-4+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8-4+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.10-2+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.10-2+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12-4+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.16+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libbatik-java (1 bugs: 0, 0, 1, 0)

action needed

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2022-07-27 Last update: 2023-03-23 09:00

lintian reports 32 warnings normal

Lintian reports 32 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-10-29 Last update: 2022-10-29 14:34

4 low-priority security issues in bullseye low

There are 4 open security issues in bullseye.

4 issues left for the package maintainer to handle:

CVE-2020-11987: (needs triaging) Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
CVE-2022-38398: (needs triaging) Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
CVE-2022-38648: (needs triaging) Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
CVE-2022-40146: (needs triaging) Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2022-12-17 12:37

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.6.1).

Created: 2022-12-17 Last update: 2022-12-17 19:18

news

[rss feed]

[2022-11-05] Accepted batik 1.12-4+deb11u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Markus Koschany)
[2022-11-02] batik 1.16+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-10-29] Accepted batik 1.12-4+deb11u1 (source) into stable-security (Debian FTP Masters) (signed by: Markus Koschany)
[2022-10-29] Accepted batik 1.10-2+deb10u2 (source) into oldstable (Markus Koschany)
[2022-10-27] Accepted batik 1.16+dfsg-1 (source) into unstable (Pierre Gruet)
[2022-10-01] batik 1.15+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-09-25] Accepted batik 1.15+dfsg-1 (source) into unstable (Pierre Gruet)
[2022-07-24] batik 1.14-2 MIGRATED to testing (Debian testing watch)
[2022-07-18] Accepted batik 1.14-2 (source) into unstable (Pierre Gruet)
[2021-12-02] batik 1.14-1 MIGRATED to testing (Debian testing watch)
[2021-11-27] Accepted batik 1.14-1 (source) into unstable (tony mancill)
[2020-09-28] batik 1.12-4 MIGRATED to testing (Debian testing watch)
[2020-09-23] Accepted batik 1.12-4 (source) into unstable (Sudip Mukherjee)
[2020-09-11] batik 1.12-3 MIGRATED to testing (Debian testing watch)
[2020-09-05] Accepted batik 1.12-3 (source) into unstable (Sudip Mukherjee)
[2020-09-04] Accepted batik 1.12-2 (source) into unstable (Sudip Mukherjee)
[2020-07-22] batik 1.12-1.1 MIGRATED to testing (Debian testing watch)
[2020-07-15] Accepted batik 1.12-1.1 (source) into unstable (Emilio Pozuelo Monfort)
[2020-07-11] Accepted batik 1.10-2+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Emilio Pozuelo Monfort)
[2020-07-11] Accepted batik 1.8-4+deb9u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Emilio Pozuelo Monfort)
[2020-02-22] batik 1.12-1 MIGRATED to testing (Debian testing watch)
[2020-02-16] Accepted batik 1.12-1 (source) into unstable (Mathieu Malaterre)
[2018-12-25] batik 1.10-2 MIGRATED to testing (Debian testing watch)
[2018-12-19] Accepted batik 1.10-2 (source) into unstable (Emmanuel Bourg)
[2018-06-03] Accepted batik 1.7+dfsg-5+deb8u1 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Markus Koschany)
[2018-06-03] Accepted batik 1.8-4+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Markus Koschany)
[2018-06-02] Accepted batik 1.8-4+deb9u1 (source all) into stable->embargoed, stable (Markus Koschany)
[2018-06-02] Accepted batik 1.7+dfsg-5+deb8u1 (source all) into oldstable->embargoed, oldstable (Markus Koschany)
[2018-05-30] batik 1.10-1 MIGRATED to testing (Debian testing watch)
[2018-05-25] Accepted batik 1.7+dfsg-3+deb7u3 (source all) into oldoldstable (Markus Koschany)

bugs [bug history graph]

all: 1
RC: 0
I&N: 0
M&W: 1
F&P: 0
patch: 1

links

homepage
lintian (0, 32)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.16+dfsg-1
4 bugs