Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Ubuntu 19.10: USN-4380-1 Medium: Apache Ant Information Leak

ubuntu
Calendar Grey June 1, 2020
Dist Ubuntu Esm H88
Apache Ant security flaw may reveal confidential information or permit illicit entry. Ubuntu users recommended to update.
Apache Ant could leak sensitive information or be made to run programs as your login.

Summary

Apache Ant could leak sensitive information or be made to run programs

as your login.

Software Description:

- ant: Java based build tool like make

Details:

It was discovered that Apache Ant created temporary files with insecure

permissions. An attacker could use this vulnerability to read sensitive

information leaked into /tmp, or potentially inject malicious code into a

project that is built with Apache Ant.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
  ant                             1.10.6-1ubuntu0.1
  ant-doc                         1.10.6-1ubuntu0.1
  ant-optional                    1.10.6-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4380-1

CVE-2020-1945

Severity
medium
Lowest
Low
Medium
High
Critical

June 01, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.