Your message dated Mon, 02 Nov 2015 15:50:42 +0000
with message-id <[email protected]>
and subject line Bug#798650: fixed in commons-httpclient 3.1-12
has caused the Debian Bug report #798650,
regarding CVE-2015-5262: https calls ignore http.socket.timeout during SSL
Handshake
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
798650: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798650
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: commons-httpclient
Version: 3.1-11
Severity: important
Please see https://bugzilla.redhat.com/show_bug.cgi?id=1259892
Cheers,
-- Guido
-- System Information:
Debian Release: 8.1
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'unstable'),
(500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: commons-httpclient
Source-Version: 3.1-12
We believe that the bug you reported is fixed in the latest version of
commons-httpclient, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Markus Koschany <[email protected]> (supplier of updated commons-httpclient
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 02 Nov 2015 15:32:33 +0100
Source: commons-httpclient
Binary: libcommons-httpclient-java libcommons-httpclient-java-doc
Architecture: source
Version: 3.1-12
Distribution: unstable
Urgency: high
Maintainer: Debian Java Maintainers
<[email protected]>
Changed-By: Markus Koschany <[email protected]>
Description:
libcommons-httpclient-java - Commons HTTPClient - Java library for creating
HTTP clients
libcommons-httpclient-java-doc - Documentation for libcommons-httpclient-java
Closes: 654007 783931 798650
Changes:
commons-httpclient (3.1-12) unstable; urgency=high
.
* Team upload.
.
[ Kumar Appaiah ]
* debian/control:
+ Remove Kumar Appaiah from uploaders
.
[ Emmanuel Bourg ]
* Add myself to Uploaders.
* Switch to debhelper level 9
* debian/control:
- Use canonical URLs for the Vcs-* fields
- Improved the package description
- Removed Michael Koch from the uploaders (Closes: #654007)
* debian/rules: Improved the clean target
.
[ tony mancill ]
* Remove trailing spaces from package description of
libcommons-httpclient-java-doc in debian/control. (Closes: #783931)
.
[ Markus Koschany ]
* wrap-and-sort -sa.
* Declare compliance with Debian Policy 3.9.6.
* Add CVE-2015-5262.patch.
Fix CVE-2015-5262 jakarta-commons-httpclient: https calls ignore
http.socket.timeout during SSL Handshake. (Closes: #798650)
Checksums-Sha1:
7f6e4219895a5d60a829f4c6e2bd036901167de5 2480 commons-httpclient_3.1-12.dsc
50654599f42d71e9430cf6a1a7d55c533c9c9697 12888
commons-httpclient_3.1-12.debian.tar.xz
Checksums-Sha256:
42b996fd84d32166e2c1a3bd2cacc787dd52bb873538c2c92d48f3ffeeaeba88 2480
commons-httpclient_3.1-12.dsc
b7ee9e0d81f90d7cbe2a03dc5828ab63411778b6c42de2952fd4c27b42402e3d 12888
commons-httpclient_3.1-12.debian.tar.xz
Files:
016ef22b50d13d5acddc115f9e244bb3 2480 java optional
commons-httpclient_3.1-12.dsc
6eeda411cfcf9dc046204f4f8d47ec0c 12888 java optional
commons-httpclient_3.1-12.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJ8BAEBCgBmBQJWN3W+XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkGOEP/2CZ76lZB8nE+W2NJhMtBcJs
RSEQp0QcHFf69IK2UQpsqMh6ilqivP5oFl6Yf84xNtYpM4npfFO5dm/Rxy8dGG/L
2i9pGGw/qW8JSLwxywnkEzyHkZWqzZmBIlxTHKpXNPr5Iq5MUiJrsYJShg/FoK3J
JdzoHfg1BmT0dzxwL3GthTILJydUoH6r6XsIGUy1yN3QL1O100o7NhIz3ad/59QZ
NJfSGi4BpvEV6IY1dOX8n83ZhQH3IYXStI7nGyzahJg0ClxlMGCuTclGHrByo3kg
ypMVV7uP6I/aPyPLaHD2VXj8p9ZAyK+jgWJweB8bxzQUWK8LYqAtAUe7GwHfSfNZ
7L4G/lM81f7BaAQswBDKyNwLCLMRB1qCGb8oaTjdFG405TW5/1eOqpo0sgLsS1nq
hNxhLx14vbBIQkEkCgMRzGuUI93LUuH1RGmYFxgvcWHMBYipoCa4Jk3kT3bAqIfV
qI6k6gvsqnYHssWoHJZSquB9+o4NR7fQGHqDYFDENDmdOrMzJz3Ia3b2ZF30cIpg
TrPC+szRKK00CsDiAfHu8RmpiMzoa3cS6NcHNBhlU1t/FCkx9mBr/wQ5v+3x4LKf
sGCSk8/pVOXnXr9BmLNEW/qqzph6n7B+akTYWAQFwWgoPWq6LCdktB2tkswyxmwH
rV/Jy32OLrIqgpK9iJ6H
=M2ER
-----END PGP SIGNATURE-----
--- End Message ---
__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>.
Please use
[email protected] for discussions and questions.
