According to upstream, this version is affected[1], while Glassfish 3.1.2.1 or later isn't. Also, take into account that Debian's current version has reached EOL[2].
BTW: why the severity level change? [1] http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html [2] http://www.oracle.com/us/support/library/lifetime-support- middleware-069163.pdf Best regards, -- Marcos Marado -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
