Package: libspring-java
Severity: grave
Tags: security
Justification: user security hole

http://www.gopivotal.com/security/cve-2014-0054
http://www.gopivotal.com/security/cve-2014-1904

I'm not sure whether these are worth a DSA?

Cheers,
        Moritz

__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to