severity 762690 important thx On Sun, Nov 02, 2014 at 11:38:30PM +0100, Emmanuel Bourg wrote: > libhibernate-validator-java is only used as a build dependency of > libhibernate3-java. No package depends on it at runtime, so the risk of > being affected by this vulnerability is rather low, if not zero.
I'm downgrading the severity to normal. No need to treat it as a RC security bug. Cheers, Moritz __ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.