-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 01 Sep 2016 22:32:59 +0200 Source: jsch Binary: libjsch-java libjsch-java-doc Architecture: source all Version: 0.1.54-1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers <pkg-java-maintain...@lists.alioth.debian.org> Changed-By: Emmanuel Bourg <ebo...@apache.org> Description: libjsch-java - Java implementation of the SSH2 protocol libjsch-java-doc - Java implementation of the SSH2 protocol - documentation Changes: jsch (0.1.54-1) unstable; urgency=medium . * Team upload. * New upstream release - Fixes CVE-2016-5725: Malicious SFTP servers may force a client-side relative path traversal for recursive sftp-get allowing the server to write files outside the clients download basedir with effective permissions of the jsch sftp client process. - Updated the OSGi metadata * Build with the DH sequencer instead of CDBS * Standards-Version updated to 3.9.8 * Use secure Vcs-* URLs Checksums-Sha1: 71666da4b2f90c0fc108b40ad7338339edc51be5 2049 jsch_0.1.54-1.dsc f970b918ea511e742494420a16933ff5a8482ca3 118076 jsch_0.1.54.orig.tar.xz d4bb241f8bc49dd88fa38018f4de71a8e2c6ffc6 4940 jsch_0.1.54-1.debian.tar.xz cfd0fcdc0a0996a54c93a5a9edcb9a1eecffa88f 105930 libjsch-java-doc_0.1.54-1_all.deb 9f035001703df75ebab96d5650e5562695d1ba3a 283958 libjsch-java_0.1.54-1_all.deb Checksums-Sha256: a754a25d80d9bbd7f7bac1b09176e44380736c7745e081850e7e1fbec707ade7 2049 jsch_0.1.54-1.dsc 03e0292634ba859cd994d40d25aed8195e4b5e4a16aae81ae6adf61a34c7b48d 118076 jsch_0.1.54.orig.tar.xz 42456362f09059837db5d9a5015b71e43e150875113cea76bee595cd88093bf7 4940 jsch_0.1.54-1.debian.tar.xz 082e88f81fb147e12e852cd6cb87c3336616e144028e22987c32ba27952cc1e7 105930 libjsch-java-doc_0.1.54-1_all.deb 86a7ba3daf32f89b17a671b98b82ba162e882db8041618785cb163222c7a45fb 283958 libjsch-java_0.1.54-1_all.deb Files: f7c5849a8e2384e04bac40b3a7c92f4f 2049 java optional jsch_0.1.54-1.dsc cff50e50982e89cae49bd0f9e1ee9b8c 118076 java optional jsch_0.1.54.orig.tar.xz b9e848ff683c556f0677a016792fc15f 4940 java optional jsch_0.1.54-1.debian.tar.xz 82c73cbfaa2adb160ad5079e057c3f71 105930 doc optional libjsch-java-doc_0.1.54-1_all.deb 6a56ecb88265c7d39c3e2bd9ed04caf2 283958 java optional libjsch-java_0.1.54-1_all.deb
-----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJXyKdcAAoJEPUTxBnkudCsFAQP/33VRzSVEgmUGQLOwyjqCl5s Jl5lG8JbYQfT3ag/pqDsMlDIawWLhsY4jkJuepl2qQyIZ9iwguOKLg8OrShA0HpZ cvBLhzuzhyevGcoLaR90XI0tjQU7u+2EwFhS91+i3v7mAVbmeNqdYNzuhl5WBce7 wN37iumvwZUHWfq81+J+6f5xEjwl4NmUntY8kZkwUghRpIzt9FwPSSaU4j0NXcR8 p6NspmbuNLn/TkF/mx1oEaArDTZOsGpN4f/WzE4Pz/5UBhITanPkf4qgCVAbDaBQ 9/3y4dVMxJVujrYFt1PxF4dfdPifgMmPZpWwlaMdWiUFAL+pXNqrFhWRq/q0QW3U nRVdtWNvIM+92BEEUG/P+/cPeyes+HkFJ1OvmENCEZCbmmCr+hg2fBus1TcNSa+v cer/e6p+UXE7qYoq8mmvd/JsqYHXgJVq+ZSUB8Kj3LKja7MAJJLzrJm5JCMGDCoW 9QncM/5fbBZ4IwN/utRsrDl13mD7i+2Riba6QxkGUkKreYdCVteVAciT9A3kDoi/ O04kGA8t6HUNaTNHzM0lUf6ijMTO0t8CmHJVp4QBkQDTEf1xAp2lRNF0TclgsFqN Ezq7Z5fSTH1BVTXKLwCExHj92hpXuGubstr1gcIFgF8Hz50KJZfNEBESpnn2uwCD GXhK6kGU78yiq7ctNdkb =UOTr -----END PGP SIGNATURE-----