Package: libjgroups-java
Severity: grave
Tags: security
Justification: user security hole
Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4112
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Debian has JGroups 2.12, this version doesn't use authentication. An
attacker can disrupt a node (stopping or slowing it down) but not
execute arbitrary code.
Diagnostics are enabled by default. We can simply disable them by default.
Emmanuel Bourg
--
To UNSUBSCRIBE, email to
2 matches
Mail list logo
