bcel-5.2-19.0.1.el7.AXS7
エラータID: AXSA:2022-4486:01
The Byte Code Engineering Library (Apache Commons BCEL) is intended to give
users a convenient way to analyze, create, and manipulate (binary) Java class
files (those ending with .class).
Security Fix(es):
* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing
(CVE-2022-42920)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE-2022-42920
Apache Commons BCEL has a number of APIs that would normally only allow changing
specific class characteristics. However, due to an out-of-bounds writing issue,
these APIs can be used to produce arbitrary bytecode. This could be abused in
applications that pass attacker-controllable data to those APIs, giving the
attacker more control over the resulting bytecode than otherwise expected.
Update to Apache Commons BCEL 6.6.0.
Update packages.
Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Update to Apache Commons BCEL 6.6.0.
N/A
SRPMS
- bcel-5.2-19.0.1.el7.AXS7.src.rpm
MD5: e7a52df86adc2090fa9f12acc9af456b
SHA-256: 5bda03d716d93b2faeebe0bc8e9c1eb27b6f8f1f0026b6937b856ebabc441399
Size: 269.19 kB
Asianux Server 7 for x86_64
- bcel-5.2-19.0.1.el7.AXS7.noarch.rpm
MD5: ec22adc0dae7ce27b2067159dce29faa
SHA-256: 6894975e3c10e3abcf55bd34f5586fea458f70d0d9965c26c313cfde0875d903
Size: 468.75 kB
日本語