Re: Restoring collections15 t

2015-02-05 Thread Giovanni Mascellani 
Hi.

Il 02/02/2015 10:31, Michael Crusoe ha scritto:
> I am packaging the Trinity RNASeq assembler[0] for Debian and it
> (sadly) does use this old library. Can you restore
> libcollections15-java to the archive?

Having a quick look at it, it seems to me that RNASeq uses collections
just through the Jung library (just as geogebra does), which is not in
Debian as well (and has a many-years-old RFP bug, #368931). Do you
intend to package it? Take also into account that, apparently, RNASeq
only uses very small parts of jung, and that jung appears to be dead
since early 2010.

Personally, I would suggest to do as I did with geogebra: put an
embedded copy of the jung classes you need in your package, document
this in d/README.source and patch them in order to use the new
collections library (you can probably take a lot from Emmanuel's patch
on geogebra).

I also read in d/README.source from geogebra (that I wrote a long time
ago) that there are parts of jung that are not free, so jung as a whole
could not be packaged (I do not remember how extensively the non-free
part are and what was the actual problem). Fortunately geogebra does not
need the non-free parts, so I could embed just the classes that were needed.

HTH.

Regards, Giovanni.
-- 
Giovanni Mascellani 
PhD Student - Scuola Normale Superiore, Pisa, Italy

http://poisson.phc.unipi.it/~mascellani



signature.asc
Description: OpenPGP digital signature
__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#777196: activemq: CVE-2014-8110 CVE-2014-3612 CVE-2014-3600

2015-02-05 Thread Moritz Muehlenhoff 
Package: activemq
Severity: important
Tags: security

Hi,
please see
http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt
(but the admin console isn't enabled, so this should be moot? (702670))

http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
http://activemq.apache.org/security-advisories.data/CVE-2014-3600-announcement.txt

Cheers,
Moritz

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.