========================================================================== Ubuntu Security Notice USN-2029-1 November 13, 2013 libcommons-fileupload-java vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.04 LTS Summary: Apache Commons FileUpload could be made to overwrite files. Software Description: - libcommons-fileupload-java: File upload capability for servlets and web applications Details: It was discovered that Apache Commons FileUpload incorrectly handled file names with NULL bytes in serialized instances. An attacker could use this issue to possibly write to arbitrary files. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: libcommons-fileupload-java 1.2.1-3ubuntu2.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2029-1 CVE-2013-2186 Package Information: https://launchpad.net/ubuntu/+source/libcommons-fileupload-java/1.2.1-3ubuntu2.1