Package: batik X-Debbugs-CC: t...@security.debian.org Severity: important Version: 1.8-4 Tags: security
Hi, The following vulnerability was published for batik. CVE-2019-17566[0]: SSRF vulnerability If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. Note that this is fixed upstream in 1.13, and the fix is easy to backport. You may want to consider fixing this for buster and stretch via the upcoming point release. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-17566 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17566 Please adjust the affected versions in the BTS as needed.
