Ubuntu 6614 Published by

An Apache Ant security update has been released for Ubuntu Linux 19.10.



USN-4380-1: Apache Ant vulnerability


==========================================================================
Ubuntu Security Notice USN-4380-1
June 01, 2020

Apache Ant vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.10

Summary:

Apache Ant could leak sensitive information or be made to run programs
as your login.

Software Description:
- ant: Java based build tool like make

Details:

It was discovered that Apache Ant created temporary files with insecure
permissions. An attacker could use this vulnerability to read sensitive
information leaked into /tmp, or potentially inject malicious code into a
project that is built with Apache Ant.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
ant 1.10.6-1ubuntu0.1
ant-doc 1.10.6-1ubuntu0.1
ant-optional 1.10.6-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://usn.ubuntu.com/4380-1
CVE-2020-1945

Package Information:
  https://launchpad.net/ubuntu/+source/ant/1.10.6-1ubuntu0.1