Package: netbeans
Version: 8.1+dfsg3-4
Severity: critical
Justification: breaks unrelated software
Tags: a11y
Dear Maintainer,
*** Reporter, please consider answering these questions, where
appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was
Package: eclipse
Version: 3.8.1-11
Severity: critical
Justification: breaks unrelated software
Tags: a11y
Dear Maintainer,
*** Reporter, please consider answering these questions, where
appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 16 Feb 2018 12:36:35 +0100
Source: lucene-solr
Binary: liblucene3-java liblucene3-contrib-java liblucene3-java-doc
libsolr-java solr-common solr-tomcat solr-jetty
Architecture: source all
Version:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 16 Feb 2018 12:36:35 +0100
Source: lucene-solr
Binary: liblucene3-java liblucene3-contrib-java liblucene3-java-doc
libsolr-java solr-common solr-tomcat solr-jetty
Architecture: source all
Version: 3.6.2+dfsg-10+deb9u1
Your message dated Fri, 02 Mar 2018 20:53:30 +
with message-id
and subject line Bug#885576: fixed in undertow 1.4.23-1
has caused the Debian Bug report #885576,
regarding undertow: CVE-2017-7559: HTTP Request smuggling vulnerability
(incomplete fix of
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 02 Mar 2018 20:29:02 +0100
Source: undertow
Binary: libundertow-java libundertow-java-doc
Architecture: source
Version: 1.4.23-1
Distribution: unstable
Urgency: high
Maintainer: Debian Java Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 02 Mar 2018 20:29:02 +0100
Source: undertow
Binary: libundertow-java libundertow-java-doc
Architecture: source
Version: 1.4.23-1
Distribution: unstable
Urgency: high
Maintainer: Debian Java Maintainers
Hi!
On Fri, Mar 02, 2018 at 08:46:51PM +0100, Markus Koschany wrote:
> Control: severity -1 important
>
> I am no longer sure undertow is affected. The issue is marked resolved
> upstream and one of the fixing commits
>
> https://github.com/wildfly/wildfly/pull/10748/files
>
> indicates the
This is an automated email from the git hooks/post-receive script.
apo pushed a change to branch pristine-tar
in repository undertow.
from 127be4e pristine-tar data for undertow_2.0.0.orig.tar.xz
new 4b456e3 pristine-tar data for undertow_1.4.23.orig.tar.gz
The 1 revisions
This is an automated email from the git hooks/post-receive script.
apo pushed a commit to branch pristine-tar
in repository undertow.
commit 4b456e3bbdb6f958dbbea6e4b6b4041626979dff
Author: Markus Koschany
Date: Fri Mar 2 19:59:27 2018 +0100
pristine-tar data for
This is an automated email from the git hooks/post-receive script.
apo pushed a commit to branch master
in repository undertow.
commit 232eccda1f9f909c163d1f0e72ebfb28ce52257c
Merge: 19a3371 2d828b7
Author: Markus Koschany
Date: Fri Mar 2 19:59:31 2018 +0100
Update
This is an automated email from the git hooks/post-receive script.
apo pushed a change to annotated tag upstream/1.4.23
in repository undertow.
at b1d0745 (tag)
tagging 2d828b75d84d960d65467fc50da6c277d19b8e3d (commit)
replaces upstream/2.0.0
tagged by Markus Koschany
This is an automated email from the git hooks/post-receive script.
apo pushed a commit to branch master
in repository undertow.
commit 19a3371b12ab04b4a7e8136ca42e7ea142edec19
Author: Markus Koschany
Date: Fri Mar 2 19:59:10 2018 +0100
Update changelog
---
This is an automated email from the git hooks/post-receive script.
apo pushed a change to annotated tag debian/1.4.23-1
in repository undertow.
at ac006e5 (tag)
tagging b32f3e00425b3a0acda461e4b4e9263f79c2eb86 (commit)
replaces debian/1.4.22-1
tagged by Markus Koschany
This is an automated email from the git hooks/post-receive script.
apo pushed a commit to branch master
in repository undertow.
commit ba54bf3045b51fc43a3033a27d489c65f89815c0
Author: Markus Koschany
Date: Fri Mar 2 20:29:46 2018 +0100
Close 885576
---
debian/changelog
This is an automated email from the git hooks/post-receive script.
apo pushed a change to branch master
in repository undertow.
from 0629a37 Update changelog
adds 6545fce New upstream version 2.0.0
adds 8689747 Update upstream source from tag 'upstream/2.0.0'
This is an automated email from the git hooks/post-receive script.
apo pushed a commit to branch master
in repository undertow.
commit b32f3e00425b3a0acda461e4b4e9263f79c2eb86
Author: Markus Koschany
Date: Fri Mar 2 20:33:12 2018 +0100
Revert "Pretend we ship the servlet
Control: severity -1 important
I am no longer sure undertow is affected. The issue is marked resolved
upstream and one of the fixing commits
https://github.com/wildfly/wildfly/pull/10748/files
indicates the bug was in WildFly's undertow extension but not in
Undertow itself. I keep this bug
Processing control commands:
> severity -1 important
Bug #891929 [src:undertow] CVE-2018-1047: information disclosure of arbitrary
local files
Severity set to 'important' from 'grave'
--
891929: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891929
Debian Bug Tracking System
Contact
undertow_1.4.23-1_source.changes uploaded successfully to localhost
along with the files:
undertow_1.4.23-1.dsc
undertow_1.4.23.orig.tar.gz
undertow_1.4.23-1.debian.tar.xz
undertow_1.4.23-1_amd64.buildinfo
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
__
Processing commands for cont...@bugs.debian.org:
> found 891928 1.4.8-1
Bug #891928 [src:undertow] CVE-2018-1048: ALLOW_ENCODED_SLASH option not taken
into account in the AjpRequestParser
Marked as found in versions undertow/1.4.8-1.
> # according to bug and upstream information
> fixed 891928
Control: forwarded -1 https://issues.jboss.org/browse/UNDERTOW-1251
It seems this issue is tracked at
https://issues.jboss.org/browse/UNDERTOW-1251
However the bug report appears to be a duplicate of UNDERTOW-1101 which
was CVE-2017-2666 last year. I added a comment and hope that someone can
Processing control commands:
> forwarded -1 https://issues.jboss.org/browse/UNDERTOW-1251
Bug #885338 [src:undertow] CVE-2017-12165
Set Bug forwarded-to-address to 'https://issues.jboss.org/browse/UNDERTOW-1251'.
--
885338: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885338
Debian Bug
Processing commands for cont...@bugs.debian.org:
> # according to the now available inforamtion, possibly as well older versions
> found 885576 1.4.22-1
Bug #885576 [src:undertow] undertow: CVE-2017-7559: HTTP Request smuggling
vulnerability (incomplete fix of CVE-2017-2666)
Marked as found in
Source: undertow
Version: 1.4.8-1+deb9u1
Severity: grave
Tags: security
Forwarded: https://issues.jboss.org/browse/WFLY-9620
A flaw was found in Wildfly 9.x. A path traversal vulnerability
through the
org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource
method could lead
Source: undertow
Version: 1.4.8-1+deb9u1
Severity: grave
Tags: security
Forwarded: https://issues.jboss.org/browse/UNDERTOW-1245
It was found that the AJP connector in undertow, as shipped in Jboss
EAP 7.1.0.GA, does not use the ALLOW_ENCODED_SLASH option and thus
allow the the slash / anti-slash
I filed upstream bug
https://issues.jboss.org/browse/UNDERTOW-1295
and asked for more information about security vulnerabilities in general.
The relevant issues are public now:
CVE-2017-7559 was addressed in version 1.4.23 or 2.0.1. Since 2.0.1
requires the servlet 4.0 API which is currently
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 02 Mar 2018 17:43:25 +0100
Source: plexus-compiler
Binary: libplexus-compiler-java libplexus-compiler-java-doc
Architecture: source
Version: 2.8.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 02 Mar 2018 17:43:25 +0100
Source: plexus-compiler
Binary: libplexus-compiler-java libplexus-compiler-java-doc
Architecture: source
Version: 2.8.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java
plexus-compiler_2.8.3-1_source.changes uploaded successfully to localhost
along with the files:
plexus-compiler_2.8.3-1.dsc
plexus-compiler_2.8.3.orig.tar.xz
plexus-compiler_2.8.3-1.debian.tar.xz
plexus-compiler_2.8.3-1_source.buildinfo
Greetings,
Your Debian queue daemon
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit 9b0ac44912cb956e365643b41fd5b5e98d700859
Author: Emmanuel Bourg
Date: Fri Mar 2 17:23:27 2018 +0100
Fixed the
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to branch master
in repository plexus-compiler.
from 55ce91e Fixed the scope of junit for plexus-compiler-api
new 174c2ab Standards-Version updated to 4.1.3
new 0e8f833
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit 0e8f833390c68f49a1395b2eaab6a89968d88d75
Author: Emmanuel Bourg
Date: Fri Mar 2 15:54:47 2018 +0100
Switch to
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit f17b6950c614b3f66d37c92fa4682817315f6ff0
Author: Emmanuel Bourg
Date: Fri Mar 2 17:41:53 2018 +0100
Updated the Maven
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch pristine-tar
in repository plexus-compiler.
commit ce7d2af834ab490dc95be3987f747e0c0e3ad97f
Author: Emmanuel Bourg
Date: Fri Mar 2 16:07:05 2018 +0100
pristine-tar
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit 9fb1e1c338496e049bfc3140fd55c197ece704a0
Merge: 4a2ccb8 7d85dda
Author: Emmanuel Bourg
Date: Fri Mar 2 16:07:05 2018 +0100
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit 7a6e58744348be5213d519e5e6ef8ed0f4e4fd82
Author: Emmanuel Bourg
Date: Fri Mar 2 17:09:48 2018 +0100
Refreshed the
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit 4a2ccb852e92ef894047ee85b59e8712ab0b8ffd
Author: Emmanuel Bourg
Date: Fri Mar 2 16:01:32 2018 +0100
Depend on
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to branch pristine-tar
in repository plexus-compiler.
from 15a23dd pristine-tar data for plexus-compiler_2.8.2.orig.tar.xz
new ce7d2af pristine-tar data for
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit 174c2ab05bd78de3125b598ce92729052f7acefe
Author: Emmanuel Bourg
Date: Fri Mar 2 15:54:41 2018 +0100
Standards-Version
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit 873f3f5fa89ba6c305a4e8ac47f660f947682f2e
Author: Emmanuel Bourg
Date: Fri Mar 2 15:56:02 2018 +0100
Wrap and sort
---
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit 35ef4230dc81b840a42614d00fbc8e0d1ea0aceb
Author: Emmanuel Bourg
Date: Fri Mar 2 17:54:10 2018 +0100
Upload to unstable
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository plexus-compiler.
commit 050bcd92c65857a00d3e8d85ee9904f84c398f6b
Author: Emmanuel Bourg
Date: Fri Mar 2 17:42:31 2018 +0100
Switched to
Author: tmancill
Date: 2018-03-02 14:39:27 + (Fri, 02 Mar 2018)
New Revision: 19316
Added:
trunk/libjgraphx-java/MOVED_TO_GIT.txt
Log:
Moved libjgraphx-java to Git
Added: trunk/libjgraphx-java/MOVED_TO_GIT.txt
===
---
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to annotated tag debian/1.6.1-1
in repository javamail.
at 9ec8e57 (tag)
tagging dab08cae9672152dfa9ab4b9517f5959abc359cd (commit)
replaces debian/1.5.6-2
tagged by Emmanuel Bourg
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to annotated tag upstream/1.6.1
in repository javamail.
at ecb91c3 (tag)
tagging e485e612969e0c4d17409cfc82db315d26f35a18 (commit)
replaces upstream/1.6.0
tagged by Emmanuel Bourg
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to annotated tag upstream/1.6.0
in repository javamail.
at f323e53 (tag)
tagging f954548eb32a15953c7d7ddde97a837f80298759 (commit)
replaces upstream/1.5.6
tagged by Emmanuel Bourg
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 02 Mar 2018 14:27:39 +0100
Source: javamail
Binary: libmail-java libmail-java-doc
Architecture: source
Version: 1.6.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 02 Mar 2018 14:27:39 +0100
Source: javamail
Binary: libmail-java libmail-java-doc
Architecture: source
Version: 1.6.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
javamail_1.6.1-1_source.changes uploaded successfully to localhost
along with the files:
javamail_1.6.1-1.dsc
javamail_1.6.1.orig.tar.xz
javamail_1.6.1-1.debian.tar.xz
javamail_1.6.1-1_source.buildinfo
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
__
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit dab08cae9672152dfa9ab4b9517f5959abc359cd
Author: Emmanuel Bourg
Date: Fri Mar 2 14:27:44 2018 +0100
Upload to unstable
---
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch pristine-tar
in repository javamail.
commit bbbe4b6e1583731c3043ea6d2d48d886520230c1
Author: Emmanuel Bourg
Date: Fri Mar 2 11:07:38 2018 +0100
pristine-tar data
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit 9ee033093e0ef67020e1cf2d90d60a1f2297fcf9
Author: Emmanuel Bourg
Date: Fri Mar 2 14:27:34 2018 +0100
Patched
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to branch pristine-tar
in repository javamail.
from eb0cf74 pristine-tar data for javamail_1.5.6.orig.tar.xz
new d771c6d pristine-tar data for javamail_1.6.0.orig.tar.xz
new
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch pristine-tar
in repository javamail.
commit d771c6d5a18cdf8cdb4564944828fe74790afdf9
Author: Emmanuel Bourg
Date: Fri Mar 2 10:50:09 2018 +0100
pristine-tar data
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit b407e2a9aaa44fb46a69c1c5c31e16250930534a
Author: Emmanuel Bourg
Date: Fri Mar 2 11:53:52 2018 +0100
New dependency on
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit 7de6fb603a62aaff7bd78d8f718c9e9c96393592
Author: Emmanuel Bourg
Date: Fri Mar 2 10:33:14 2018 +0100
Standards-Version updated
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit 355bf4015eedc9225d7b976d2a4432e2d177d3b0
Author: Emmanuel Bourg
Date: Fri Mar 2 10:33:25 2018 +0100
Switch to debhelper level
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to branch master
in repository javamail.
from f233ec9 Upload to unstable
new a4c2050 Track and download the new releases from GitHub
new 7de6fb6 Standards-Version updated
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit faf4a3e17d4e6e1a8a299737c5c53a08e5e7db43
Author: Emmanuel Bourg
Date: Fri Mar 2 11:37:49 2018 +0100
Removed the
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit 2dcd7d9161b8d17160f7e9419de4238f4832c7ec
Author: Emmanuel Bourg
Date: Fri Mar 2 11:52:47 2018 +0100
Ignore
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit 44510fc3bf89b741ba86a379dc8e526462fe53ee
Author: Emmanuel Bourg
Date: Fri Mar 2 11:52:23 2018 +0100
Refreshed
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit a62ae898d28b35cd3644b3b36dd3dff363667642
Author: Emmanuel Bourg
Date: Fri Mar 2 11:06:42 2018 +0100
Refreshed the patches
---
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit a4c20508d0abb5aba1614a98901c802c84c14724
Author: Emmanuel Bourg
Date: Fri Mar 2 10:32:10 2018 +0100
Track and download the
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit 691da1bc262d9f6b54b20bba52b8c7a86db41e97
Author: Emmanuel Bourg
Date: Fri Mar 2 11:31:14 2018 +0100
Removed the oldmail
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit 90f596db82b105660356315c5d0307fcce5d05f5
Merge: 355bf40 f954548
Author: Emmanuel Bourg
Date: Fri Mar 2 10:50:09 2018 +0100
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit 2a8d455f08fd11c6a2cea118b7b5a77cc01c3694
Merge: a62ae89 e485e61
Author: Emmanuel Bourg
Date: Fri Mar 2 11:07:38 2018 +0100
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository javamail.
commit 25db76428ce5fcce298ec4fb81999c346f7d
Author: Emmanuel Bourg
Date: Fri Mar 2 11:09:48 2018 +0100
Refreshed the patches
---
Is it possible to put jetty 9.2.22 on jessie-backports? I've
temporarily switched back to jetty 8 for the last half a year, but I
might need jetty 9 soon. This problem is a large stability issue
(forcing to restart periodically and cause downtime), so
jessie-backports holds an unstable version.
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to annotated tag debian/1.2.0-1
in repository javabeans-activation-framework.
at 7237f68 (tag)
tagging 81cce9ceb5ee8e40953c87a49c41b453d835d670 (commit)
tagged by Emmanuel Bourg
70 matches
Mail list logo