Your message dated Sun, 10 Jul 2022 23:04:12 +0000
with message-id <e1oafyg-000gtd...@fasolo.debian.org>
and subject line Bug#1014597: fixed in libitext5-java 5.5.13.3-1
has caused the Debian Bug report #1014597,
regarding libitext5-java: new version 5.5.13.3 addresses CVE-2021-43113
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1014597: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014597
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libitext5-java
Version: 5.5.13.2-1
Severity: serious
Tags: security upstream
X-Debbugs-Cc: t...@security.debian.org
Control: found -1 5.5.13-1
Dear maintainers,
there is a new bugfix release upstream for iText 5. In particular, it
addresses CVE-2021-43113. The new version 5.5.13.3 has been announced on
Maven as well as on Github at https://github.com/itext/itextpdf/releases
for instance. Please consider to also update the binary package for
bullseye and perhaps for buster too.
Could you please also pay attention to my other bug ticket #983715 and
consider to package itext-xtra along with the other jar files, at least
for bookworm.
Thank you in advance!
Best regards,
Thomas Uhle
-- System Information:
Debian Release: 11.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: arm64 (aarch64)
Foreign Architectures: armhf
Kernel: Linux 5.10.0-16-arm64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8), LANGUAGE=en_US.UTF-8
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
libitext5-java depends on no packages.
libitext5-java recommends no packages.
Versions of packages libitext5-java suggests:
ii libbcpkix-java 1.68-2
ii libbcprov-java 1.68-2
pn libitext5-java-doc <none>
ii libxml-security-java 2.0.10-2+deb11u1
--- End Message ---
--- Begin Message ---
Source: libitext5-java
Source-Version: 5.5.13.3-1
Done: tony mancill <tmanc...@debian.org>
We believe that the bug you reported is fixed in the latest version of
libitext5-java, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1014...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
tony mancill <tmanc...@debian.org> (supplier of updated libitext5-java package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 10 Jul 2022 11:47:05 -0700
Source: libitext5-java
Architecture: source
Version: 5.5.13.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
<pkg-java-maintain...@lists.alioth.debian.org>
Changed-By: tony mancill <tmanc...@debian.org>
Closes: 1014597
Changes:
libitext5-java (5.5.13.3-1) unstable; urgency=medium
.
* Team upload.
* Update debian/watch to match path to source tarball on github.com
* New upstream version 5.5.13.3 (Closes: #1014597)
Addresses CVE-2021-43113.
* Refresh 0008-Update-CompareToolTests.patch for new upstream tests
Checksums-Sha1:
d2e1eec4fe1477e2623dd0fe520b5dabc96d7c57 2421 libitext5-java_5.5.13.3-1.dsc
4a29cbcd130abb2821a01be1d0e1d10248553550 90926228
libitext5-java_5.5.13.3.orig.tar.xz
a909bfda2e2996003fb2fc24c4c1539378e83016 17808
libitext5-java_5.5.13.3-1.debian.tar.xz
01382eec105a90b4b50270d8bf3a44f52418b090 14810
libitext5-java_5.5.13.3-1_amd64.buildinfo
Checksums-Sha256:
75d605ce5af002563d16d46b43200fcdafb315148013a473d32d81c6f3f71531 2421
libitext5-java_5.5.13.3-1.dsc
51ef8026f4697b4791b6dfa8a8fe8a0e59655e4c346126434bae30765ac786a1 90926228
libitext5-java_5.5.13.3.orig.tar.xz
d4ba107027402a4f56fc16b75e2c3a0cd06a91a0b09e89ec3f09036816b65e60 17808
libitext5-java_5.5.13.3-1.debian.tar.xz
c81f413d15ed407bbd07734b276e97d69f40a2003490913743d55c99113f6f2e 14810
libitext5-java_5.5.13.3-1_amd64.buildinfo
Files:
646aa8e750bc2c99ccc6ac595441749c 2421 java optional
libitext5-java_5.5.13.3-1.dsc
0b693582ea7b7f77af91912eaadf9ee4 90926228 java optional
libitext5-java_5.5.13.3.orig.tar.xz
6a3abbd3e907ca28768d12c6b34ead46 17808 java optional
libitext5-java_5.5.13.3-1.debian.tar.xz
d9bc038314916f17b4d60e9cde1c2220 14810 java optional
libitext5-java_5.5.13.3-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCgAyFiEE5Qr9Va3SequXFjqLIdIFiZdLPpYFAmLLWE4UHHRtYW5jaWxs
QGRlYmlhbi5vcmcACgkQIdIFiZdLPpa9FA//eRoMkKVAbAtIC740EpGSsp1oy4uX
FFbIGCq+kfmDTaCHDvXJ8t+8eLXnbuN6MOVr042lJgHk3jBS2EMF1vHMa0xoWU3U
dwcwuV4gz99rChYtctAgaXRaggksC4eB4YmVEQYfaX6uzBWxDa19dP0mWy9r3E6R
giVtrEqd/+kb6aRfd4mObXg9nMQCnvlXr/00SqcccJEe8zenQmHT6kGb1sQJMjKc
7KIO4EDercyI5cGnR2qyMxfsu4e44vo35ATB69Q8BeFrFXoqbJPM/Sx4F5OOY/cO
LUfugj1yCnm9HPAULB9Nqp5DnmXGvfkofPyZl6kG6Y8pToK6j1Sfi1hyXgc7W2ae
/UWJDHGgADIVzB103OTzis2jt/mpAlP5fJvUTcXREwsPt6qW/vnPtMwE3cP6ovc2
sxAhvzQf0+Lf4CIV2Tio9cxsJoyB+pKlQrLBb2pq98KZprv4hboqTZ6TGPu1quCx
jZwO91+OW+rxA4I8CGJAtePO4rvDh4MXX1RCoW3pM+5TQB92+YlGZN9NRFaxLlnW
/HsJBnI2iESg9samWvWAAFTbGxLzqhJycEry5ZyZdP6yjO5fzCHVxy+22j92AwDM
1bF/OriLAE+N260ajMNSIx8xZKkPpK/Hc1jXg/5FHvjJHWhwyNdFElz6U9o6IcQ2
JLyzPbKJg77KvMY=
=ILB7
-----END PGP SIGNATURE-----
--- End Message ---
