Bug#1014597: libitext5-java: new version 5.5.13.3 addresses CVE-2021-43113
On Sun, 10 Jul 2022, tony mancill wrote: Hello Thomas, On Fri, Jul 08, 2022 at 04:00:20PM +0200, Thomas Uhle wrote: > [...] > Could you please also pay attention to my other bug ticket #983715 and > consider to package itext-xtra along with the other jar files, at least for > bookworm. I will take a look at this after the version update. Thank you for the reminder. Best regards, tony Hello Tony, that would be great. Thank you! Best regards, Thomas
Bug#1014597: libitext5-java: new version 5.5.13.3 addresses CVE-2021-43113
Hello Thomas, On Fri, Jul 08, 2022 at 04:00:20PM +0200, Thomas Uhle wrote: > Package: libitext5-java > Version: 5.5.13.2-1 > Severity: serious > Tags: security upstream > X-Debbugs-Cc: t...@security.debian.org > Control: found -1 5.5.13-1 > > Dear maintainers, > > there is a new bugfix release upstream for iText 5. In particular, it > addresses CVE-2021-43113. The new version 5.5.13.3 has been announced on > Maven as well as on Github at https://github.com/itext/itextpdf/releases for > instance. Please consider to also update the binary package for bullseye and > perhaps for buster too. Thank you for the bug report. I am preparing an upload of 5.5.13.3 now. > Could you please also pay attention to my other bug ticket #983715 and > consider to package itext-xtra along with the other jar files, at least for > bookworm. I will take a look at this after the version update. Thank you for the reminder. Best regards, tony signature.asc Description: PGP signature
Bug#1014597: libitext5-java: new version 5.5.13.3 addresses CVE-2021-43113
Package: libitext5-java Version: 5.5.13.2-1 Severity: serious Tags: security upstream X-Debbugs-Cc: t...@security.debian.org Control: found -1 5.5.13-1 Dear maintainers, there is a new bugfix release upstream for iText 5. In particular, it addresses CVE-2021-43113. The new version 5.5.13.3 has been announced on Maven as well as on Github at https://github.com/itext/itextpdf/releases for instance. Please consider to also update the binary package for bullseye and perhaps for buster too. Could you please also pay attention to my other bug ticket #983715 and consider to package itext-xtra along with the other jar files, at least for bookworm. Thank you in advance! Best regards, Thomas Uhle -- System Information: Debian Release: 11.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: arm64 (aarch64) Foreign Architectures: armhf Kernel: Linux 5.10.0-16-arm64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) libitext5-java depends on no packages. libitext5-java recommends no packages. Versions of packages libitext5-java suggests: ii libbcpkix-java1.68-2 ii libbcprov-java1.68-2 pn libitext5-java-doc ii libxml-security-java 2.0.10-2+deb11u1