JFreeChart / Bugs / #814 url encoding in 1.0.8a breaks image map urls

#814 url encoding in 1.0.8a breaks image map urls

Status: closed-fixed

Owner: David Gilbert

Labels: General (896)

Priority: 9

Updated: 2008-01-04

Created: 2007-12-12

Creator: Anonymous

Private: No

The encoding added to the security release encodes the entire url which breaks the url. The "&" and "?" should not be encoded

Discussion

Varun Hiremath - 2007-12-17

Logged In: YES
user_id=1450323
Originator: NO

What is the status of this bug? Has the following CVE been fixed in 1.0.8a?
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6306

Please note that the following bug was filed in the Debian BTS:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456148

and we are waiting for updates on this bug.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

David Gilbert - 2007-12-18

labels: --> General

priority: 5 --> 9

assigned_to: nobody --> mungady
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

David Gilbert - 2007-12-18

Logged In: YES
user_id=112975
Originator: NO

This bug has been fixed in the jfreechart-1.0.x-branch in Subversion, and I'll be releasing version 1.0.9 as soon as possible. The chances of that happening this week are slim, however.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

David Gilbert - 2008-01-04

Logged In: YES
user_id=112975
Originator: NO

Closing this bug. 1.0.9 should be out today, unless something bad happens.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

David Gilbert - 2008-01-04

status: open --> closed-fixed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.