On 25.01.2014 15:22, Miguel Landaeta wrote: > On Thu, Jan 23, 2014 at 12:05:01AM +0100, Markus Koschany wrote: >> Control: tags -1 confirmed >> Control: owner -1 ! >> >> I'm working on a new revision and stable-security update. >> >> Markus >> > > Hi Markus, > > Thanks for taking care of this bug. > > I'm kinda slow nowadays to react to some bug reports but I'll be happy to > review and sponsor the new revision when you are ready. Just let me > know about it. >
Hi Miguel, No problem. Since I have dealt with the last security issue, I thought I'll care for this related "follow-up" bug, too. :) Yesterday I sent a request for review and sponsorship to the debian-java list. https://lists.debian.org/debian-java/2014/01/msg00052.html I have simply tried to backport upstream's commits. In case of CVE-2013-6430 that was straightforward but the other one needed additional work. I'd be glad if you reviewed my changes and uploaded the package to unstable. I will then open a new RT security ticket and hopefully the libspring-java can be uploaded to stable-security, too. Regards, Markus
signature.asc
Description: OpenPGP digital signature
