reproducible.debian.net status changes for mauve

2016-10-31 02:57 https://tests.reproducible-builds.org/debian/unstable/amd64/mauve changed from unreproducible -> reproducible __ This is the maintainer address of Debian's Java team . Please use

Bug#842721: jayway-jsonpath: FTBFS (Could not resolve all dependencies)

Package: src:jayway-jsonpath Version: 2.0.0-2 Severity: serious Dear maintainer: I tried to build this package in stretch with "dpkg-buildpackage -A" (which is what the "Arch: all" autobuilder would do to build it) but it failed:

lucene-solr 3.6.2+dfsg-9 MIGRATED to testing

FYI: The status of the lucene-solr source package in Debian's testing distribution has changed. Previous version: 3.6.2+dfsg-8 Current version: 3.6.2+dfsg-9 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day

wagon2 2.10-6 MIGRATED to testing

FYI: The status of the wagon2 source package in Debian's testing distribution has changed. Previous version: 2.10-5 Current version: 2.10-6 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive

gradle-debian-helper 1.4 MIGRATED to testing

FYI: The status of the gradle-debian-helper source package in Debian's testing distribution has changed. Previous version: 1.3 Current version: 1.4 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will

h2database 1.4.192-3 MIGRATED to testing

FYI: The status of the h2database source package in Debian's testing distribution has changed. Previous version: 1.4.192-2 Current version: 1.4.192-3 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will

eclipse 3.8.1-10 MIGRATED to testing

FYI: The status of the eclipse source package in Debian's testing distribution has changed. Previous version: 3.8.1-9 Current version: 3.8.1-10 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will

Bug#762916: marked as done (tomcat8: Please provide catalina-jmx-remote.jar library)

Your message dated Mon, 31 Oct 2016 16:01:02 + with message-id and subject line Bug#762916: fixed in tomcat8 8.0.38-2 has caused the Debian Bug report #762916, regarding tomcat8: Please provide catalina-jmx-remote.jar library to be marked as done. This

tomcat8_8.0.38-2_amd64.changes ACCEPTED into unstable, unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 28 Oct 2016 01:17:23 +0200 Source: tomcat8 Binary: tomcat8-common tomcat8 tomcat8-user libtomcat8-java libtomcat8-embed-java libservlet3.1-java libservlet3.1-java-doc tomcat8-admin tomcat8-examples tomcat8-docs

Processed: fixed 842663 in 7.0.72-1

Processing commands for cont...@bugs.debian.org: > fixed 842663 7.0.72-1 Bug #842663 [tomcat7] CVE-2016-5018: Apache Tomcat Security Manager Bypass Marked as fixed in versions tomcat7/7.0.72-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 842663:

Processed: fixed 842664 in 7.0.72-1

Processing commands for cont...@bugs.debian.org: > fixed 842664 7.0.72-1 Bug #842664 [tomcat7] CVE-2016-6794: Apache Tomcat System Property Disclosure Marked as fixed in versions tomcat7/7.0.72-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 842664:

Processed: fixed 842665 in 7.0.72-1

Processing commands for cont...@bugs.debian.org: > fixed 842665 7.0.72-1 Bug #842665 [tomcat7] CVE-2016-6796: Apache Tomcat Security Manager Bypass Marked as fixed in versions tomcat7/7.0.72-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 842665:

Processed: fixed 842662 in 7.0.72-1

Processing commands for cont...@bugs.debian.org: > fixed 842662 7.0.72-1 Bug #842662 [tomcat7] CVE-2016-0762: Apache Tomcat Realm Timing Attack Marked as fixed in versions tomcat7/7.0.72-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 842662:

Processed: fixed 842666 in 7.0.72-1

Processing commands for cont...@bugs.debian.org: > fixed 842666 7.0.72-1 Bug #842666 [tomcat7] CVE-2016-6797: Apache Tomcat Unrestricted Access to Global Resources Marked as fixed in versions tomcat7/7.0.72-1. > thanks Stopping processing here. Please contact me if you need assistance. --

Bug#842706: solr-jetty: packaged version is ancient

Package: solr-jetty Version: 3.6.2+dfsg-9 Severity: normal Dear Maintainer, The package version of Solr is 3.6.2, released in December 2012. The current Solr release is 6.2.1, release in September 2016. Are there any plans to upgrade the package? Thanks! -- System Information: Debian Release:

Processed: found 842662 in 7.0.28-4, tagging 842662, severity of 842662 is important, found 842663 in 7.0.28-4 ...

Processing commands for cont...@bugs.debian.org: > # add found versions as per LTS triage and upstream information > found 842662 7.0.28-4 Bug #842662 [tomcat7] CVE-2016-0762: Apache Tomcat Realm Timing Attack Marked as found in versions tomcat7/7.0.28-4. > tags 842662 + upstream fixed-upstream

Bug#842666: CVE-2016-6797: Apache Tomcat Unrestricted Access to Global Resources

Package: tomcat7 Severity: important Tags: security Hi, the following vulnerability was published for tomcat7. CVE-2016-6797[0]: Apache Tomcat Unrestricted Access to Global Resources If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id

Bug#842665: CVE-2016-6796 Apache Tomcat Security Manager Bypass

Package: tomcat7 Severity: important Tags: security Hi, the following vulnerability was published for tomcat7. CVE-2016-6796[0]: Apache Tomcat Security Manager Bypass If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog

Bug#842664: CVE-2016-6794: Apache Tomcat System Property Disclosure

Package: tomcat7 Severity: important Tags: security Hi, the following vulnerability was published for tomcat7. CVE-2016-6794[0]: Apache Tomcat System Property Disclosure If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your

Bug#840317: Please Separate CLI, GUI and Library Packages

Looks like Gradle does not depend on Proguard. But we still benefit from separating the CLI and GUI program, or simply put default-jdk in "Suggests" and default-jdk-headless in "Depends". __ This is the maintainer address of Debian's Java team

Bug#842663: CVE-2016-5018: Apache Tomcat Security Manager Bypass

Package: tomcat7 Severity: important Tags: security Hi, the following vulnerability was published for tomcat7. CVE-2016-5018[0]: Apache Tomcat Security Manager Bypass If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog

Bug#842662: CVE-2016-0762: Apache Tomcat Realm Timing Attack

Package: tomcat7 Severity: importantx Tags: security Hi, the following vulnerability was published for tomcat7. CVE-2016-0762[0]: Apache Tomcat Realm Timing Attack If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog