Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
---|---|---|---|---|---|---|
debian-wrapper.patch | debian wrapper | Markus Koschany <apo@debian.org> | no | 2016-05-21 | ||
use_system_framework.patch | use_system_framework Rather than including a package provided apk in the jar, just read it directly from where it gets installed. |
Markus Koschany <apo@debian.org> | no | 2018-04-08 | ||
use_system_aapt.patch | use_system_aapt | Markus Koschany <apo@debian.org> | no | 2018-04-08 | ||
build.patch | build | Markus Koschany <apo@debian.org> | no | 2020-03-29 | ||
CVE-2024-21633-Prevent-arbitrary-file-writes-with-malicious-resourc.patch | [PATCH 1/1] Prevent arbitrary file writes with malicious resource names. (#3484) CVE-2024-21633 * refactor: rename sanitize function * fix: expose getDir * fix: safe handling of untrusted resource names - fixes: GHSA-2hqv-2xv4-5h5w * test: sample file for GHSA-2hqv-2xv4-5h5w * refactor: avoid detection of absolute files for resource check * chore: enable info mode on gradle * test: skip test on windows * chore: debug windows handling * fix: normalize entry with file separators * fix: normalize filepath after cleansing * chore: Android paths are not OS specific * refactor: use java.nio for path traversal checking * chore: align path separator on Windows for Zip files * chore: rework towards basic directory traversal * chore: remove '--info' on build.yml |
Connor Tumbleson <iBotPeaches@users.noreply.github.com> | yes | 2024-01-02 |