Debian Patches

Status for velocity-tools/2.0-8

Patch Description Author Forwarded Bugs Origin Last update
01_dont_copy_test_lib.diff Don't try to copy some JAR files into "lib" directory. Damien Raude-Morvan <drazzib@drazzib.com> not-needed vendor 2011-03-06
02_junit_45.diff compatibility patch for JUnit 4.5 Damien Raude-Morvan <drazzib@drazzib.com> no vendor 2009-07-16
03_servlet_api_compatibility.diff Fix the compatibility with the Servlet API 3.1 Emmanuel Bourg <ebourg@apache.org> no
04_dom4j2_compatibility.diff Fixes the compatibility with dom4j 2.x Emmanuel Bourg <ebourg@apache.org> no
CVE-2020-13959.patch [PATCH] Fixed Reflected XSS Vuln
Velocity Tools has an automatically generated error page, which echoes back the file name unescaped. This commit sanitizes user input and fixes the XSS Vulnerability!

Updated XSS Vuln fix (used StringEscapeUtils)
Jackson Henry <54763344+JHHAX@users.noreply.github.com> no debian 2020-10-08

All known versions for source package 'velocity-tools'

Links