owner 741604 ! tags 741604 + confirmed thanks On Fri, Mar 14, 2014 at 01:24:47PM +0100, Moritz Muehlenhoff wrote: > Package: libspring-java > Severity: grave > Tags: security > Justification: user security hole > > http://www.gopivotal.com/security/cve-2014-0054 > http://www.gopivotal.com/security/cve-2014-1904 > > I'm not sure whether these are worth a DSA?
Hi Moritz, I believe a DSA is not necessary for those CVEs. I'm preparing fixes for sid and stable. Cheers, -- Miguel Landaeta, nomadium at debian.org secure email with PGP 0x6E608B637D8967E9 available at http://db.debian.org/fetchkey.cgi?fingerprint=4CB7FE1E280ECC90F29A597E6E608B637D8967E9 "Faith means not wanting to know what is true." -- Nietzsche
signature.asc
Description: Digital signature