Your message dated Thu, 11 Jan 2018 15:10:07 +0000 with message-id <e1ezeuz-000gi2...@fasolo.debian.org> and subject line Bug#885577: fixed in libhibernate-validator-java 4.3.3-4 has caused the Debian Bug report #885577, regarding libhibernate-validator-java: CVE-2017-7536: Privilege escalation when running under the security manager to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885577: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885577 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: libhibernate-validator-java Severity: important Tags: security Hi, the following vulnerability was published for libhibernate-validator-java. There is unfortunately not much information available, cf. [1]. CVE-2017-7536[0]: Privilege escalation when running under the security manager If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-7536 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7536 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1465573 Please adjust the affected versions in the BTS as needed. Salvatore
--- End Message ---
--- Begin Message ---Source: libhibernate-validator-java Source-Version: 4.3.3-4 We believe that the bug you reported is fixed in the latest version of libhibernate-validator-java, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 885...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Markus Koschany <a...@debian.org> (supplier of updated libhibernate-validator-java package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 11 Jan 2018 14:43:58 +0100 Source: libhibernate-validator-java Binary: libhibernate-validator-java Architecture: source Version: 4.3.3-4 Distribution: unstable Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <a...@debian.org> Description: libhibernate-validator-java - Hibernate Validator Closes: 885577 Changes: libhibernate-validator-java (4.3.3-4) unstable; urgency=high . * Team upload. * Fix CVE-2017-7536. Thanks to Salvatore Bonaccorso for the report. (Closes: #885577) * Switch to compat level 11. * Declare compliance with Debian Policy 4.1.3. * Rename README.Debian-source to README.source. * Remove unused maven.cleanIgnoreRules and maven.publishedRules. Checksums-Sha1: de269d0b9b218ea1f8629d07797e0105775f1ada 2707 libhibernate-validator-java_4.3.3-4.dsc 09f6aa46ed06ffae49e942cf25eb072b933a33b9 19048 libhibernate-validator-java_4.3.3-4.debian.tar.xz 39d9c60f65cd9edac40efe6cf5c53dd9063a3bdb 17159 libhibernate-validator-java_4.3.3-4_amd64.buildinfo Checksums-Sha256: f871de4988ab1873cc98437a5c995f0a0b27ef037500cbc34b96ac1f0c5bce4b 2707 libhibernate-validator-java_4.3.3-4.dsc 6b6ca4bdfc69015546d8daf38169a50306b2cd8ff217e063f1f2b6a02d4e0b5c 19048 libhibernate-validator-java_4.3.3-4.debian.tar.xz e52445e5f0d37391a93725a82c5d7bbdd4935c08736cca53bcf3f508d8e11fa6 17159 libhibernate-validator-java_4.3.3-4_amd64.buildinfo Files: 3f9c9d1024a3207ad26f8c103c674b21 2707 java optional libhibernate-validator-java_4.3.3-4.dsc 29cfb91f633afc56de7b201bb8f7c2e6 19048 java optional libhibernate-validator-java_4.3.3-4.debian.tar.xz 03c23d37e26e88b3c94681dde8f65ded 17159 java optional libhibernate-validator-java_4.3.3-4_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlpXa+ZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkFokP/2kRIEvwccu+ack2XYlFc7zQMTtvZKQsH/Ho +tsnQ+I+5xYB8QzcdrNQHSXm9AJHJEzr1VOTgK8NVyDKVrYkwyrk+0pk6Tp8Ky0R 3YQm8iPpb6ilPkl+jW+N0OthVKFnmqOqkOFmGsog/1IGQ9WIht+9d2IS+FNXMQMl EUY2UmrBMeFP5HYZt8tAbc8EUIfJW7mPqogO3oy1BJedOxmT6oUn/nTkVXVXbglT Jr7R7BmPVaNU6z9lrdjjhq/ailfRusrCQuXGr7DkDO0w+YUPEkr2Ufh65VoiHqUz hI10/F/Vwb8aUXz1D5lCAXlEQcEK1mxxTrwhM0W9mbWeWSfm+IIlqpfDCnZKlwtU R3P1mVuw3VNNIYyXDHnc8/QdiMyejuVncNVsvGhAFV5BGpl17d35z64x2rfPzANl xdsWuahb3RTU7B4kqHv9q/HkDsKiv0HhlENELXe6XgGhJhgwCpy6KLEAjtTcmkvP b12K5cdZQnpuAhnRSVowN5PgYs5BB9Tx81KOyN8NCCxsNIZ2WhhV04DpFBy+YRKj uyPewu4orNpc3UsY9PgBJPNF5fZHPIFyw4Fhob8CWAlobcCIH3beSzKFEurEC1VV 4cqqXfs/000/GuNrVlHVNkYDlIUhgpcp1VwCIK7tFL6o4iaUgv8Y0Kh7uzxqAbZN +ecAj5El =fisf -----END PGP SIGNATURE-----
--- End Message ---
__ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.
