-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4243-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk July 20, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : batik Version : 1.12-4+deb11u3 CVE ID : CVE-2020-11987 CVE-2022-38398 CVE-2022-38648 CVE-2022-40146 Debian Bug : 984829 1020589 Multiple cases of Server-Side Request Forgery have been fixed in the Batik SVG toolkit for Java. For Debian 11 bullseye, these problems have been fixed in version 1.12-4+deb11u3. We recommend that you upgrade your batik packages. For the detailed security status of batik please refer to its security tracker page at: https://security-tracker.debian.org/tracker/batik Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmh9VNkACgkQiNJCh6LY mLEaPQ//ebd95SfL7TY/bXWWH7EuKGIp8HsLarYep4wu3TU+dghdKbypMgYyoKY5 4WMI+yMV9k1GZ4YlTJNYhHc/5dF+Emp8umbMKd20WcoIPnqajKKGePwa8aYz7L4f vZierzWONxGY+aCZE8R8P5SntdrQ2VCOSFi46whx8jNvPSoW7iJT3lsyC35Yqh3v 7CLMREetpSsEiYwmWfZp38u2GaYGD+qiqC61qW+cMFip75UY9BrnXG6nBWwQOvnH qvj6OPD39hQGZwXp8DRUlt9MX6Y6vIQHrNq2jCU7dzjVjneElE+dd+vYZ4hf4ucL wy4QEiqoYjfIRGvYLPOkoRicHAiIT/RVNFaF3dXHCMgj+QqdnmUzlVhFYP+kOVO9 H2cmLt9Dh8+HS7Ejk7wS+/1r9C/tA4/+LmroIFLgh/wqX7eSFecZ3c0tTfqX+KK4 3HzPs3Ga8zM8IjAxKdGUgOOFLeaHiNGSleFygtkCIM+8lVlBN8a8/DBHv+2ApaAF C3WxcQPXiaxmA16U53+se37HuwVt32sPhe3lat9k8oa5Kne/YQpmlVKYbqWWOiGC 8rMhhJgG05hPbBKwELn1KMsp64BZGW64lEGSpc7d87A9/1RUACyMl130aEjZfTmo 0hPKITKKKskbUz5ahoI0m+7V8iDi/+HyZADUl7mTbJUZGjxcpK0= =4NpM -----END PGP SIGNATURE-----
