Register | Log in

dom4j

Choose email to subscribe with

general

source: dom4j (main)
version: 2.1.1-4
maintainer: Debian Java Maintainers (archive) (DMD)
uploaders: Marcus Better [DMD] – Emmanuel Bourg [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.6.1+dfsg.3-2
o-o-sec: 1.6.1+dfsg.3-2+deb8u2
oldstable: 1.6.1+dfsg.3-2+deb9u1
stable: 2.1.1-2
testing: 2.1.1-4
unstable: 2.1.1-4

versioned links

1.6.1+dfsg.3-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.1+dfsg.3-2+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.1+dfsg.3-2+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1.1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libdom4j-java
libdom4j-java-doc

action needed

A new upstream version is available: 2.1.3 high

A new upstream version 2.1.3 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2020-08-09 04:40

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2020-10683: dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

Please fix it.

Created: 2020-04-17 Last update: 2020-08-07 06:08

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2020-10683: dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

Please fix it.

Created: 2020-04-17 Last update: 2020-08-07 06:08

Multiarch hinter reports 1 issue(s) normal

There are issues with the multiarch metadata for this package.

libdom4j-java-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2020-08-09 04:43

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2020-10683: dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

Please fix it.

Created: 2020-04-17 Last update: 2020-08-07 06:08

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2020-10683: dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

Please fix it.

Created: 2020-04-17 Last update: 2020-08-07 06:08

news

[2020-05-09] dom4j 2.1.1-4 MIGRATED to testing (Debian testing watch)
[2020-05-04] Accepted dom4j 2.1.1-4 (source) into unstable (tony mancill)
[2020-05-03] Accepted dom4j 2.1.1-3 (source) into unstable (tony mancill)
[2020-04-28] Accepted dom4j 1.6.1+dfsg.3-2+deb8u2 (source all) into oldoldstable (Utkarsh Gupta)
[2018-10-04] Accepted dom4j 1.6.1+dfsg.3-2+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Markus Koschany)
[2018-09-24] Accepted dom4j 1.6.1+dfsg.3-2+deb8u1 (source all) into oldstable (Markus Koschany)
[2018-09-21] dom4j 2.1.1-2 MIGRATED to testing (Debian testing watch)
[2018-09-15] Accepted dom4j 2.1.1-2 (source) into unstable (tony mancill)
[2018-07-30] Accepted dom4j 2.1.1-1 (source) into unstable (Emmanuel Bourg)
[2017-11-11] dom4j 2.1.0-2 MIGRATED to testing (Debian testing watch)
[2017-11-05] Accepted dom4j 2.1.0-2 (source all) into unstable (tony mancill)
[2017-10-30] dom4j 2.1.0-1 MIGRATED to testing (Debian testing watch)
[2017-10-25] Accepted dom4j 2.1.0-1 (source all) into unstable (Emmanuel Bourg)
[2013-07-08] dom4j 1.6.1+dfsg.3-2 MIGRATED to testing (Debian testing watch)
[2013-06-27] Accepted dom4j 1.6.1+dfsg.3-2 (source all) (Emmanuel Bourg) (signed by: Niels Thykier)
[2013-04-20] Accepted dom4j 1.6.1+dfsg.3-1 (source all) (tony mancill)
[2013-04-19] Accepted dom4j 1.6.1+dfsg.2-7 (source all) (Emmanuel Bourg) (signed by: tony mancill)
[2012-06-09] dom4j 1.6.1+dfsg.2-6 MIGRATED to testing (Debian testing watch)
[2012-05-30] Accepted dom4j 1.6.1+dfsg.2-6 (source all) (tony mancill) (signed by: Damien Raude-Morvan)
[2011-08-28] dom4j 1.6.1+dfsg.2-5 MIGRATED to testing (Debian testing watch)
[2011-08-17] Accepted dom4j 1.6.1+dfsg.2-5 (source all) (Torsten Werner)
[2010-06-25] dom4j 1.6.1+dfsg.2-4 MIGRATED to testing (Debian testing watch)
[2010-06-14] Accepted dom4j 1.6.1+dfsg.2-4 (source all) (Thierry Carrez) (signed by: Torsten Werner)
[2010-06-07] dom4j 1.6.1+dfsg.2-3 MIGRATED to testing (Debian testing watch)
[2010-05-27] Accepted dom4j 1.6.1+dfsg.2-3 (source all) (Torsten Werner)
[2009-10-06] dom4j 1.6.1+dfsg.2-2 MIGRATED to testing (Debian testing watch)
[2009-09-25] Accepted dom4j 1.6.1+dfsg.2-2 (source all) (Michael Koch)
[2009-07-26] dom4j 1.6.1+dfsg.2-1 MIGRATED to testing (Debian testing watch)
[2009-07-25] dom4j 1.6.1+dfsg.2-1 MIGRATED to testing (Debian testing watch)
[2009-07-24] dom4j 1.6.1+dfsg.2-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.1.1-4
1 bug

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing