Your message dated Fri, 22 Mar 2013 01:47:48 +0000 with message-id <e1uir5a-0000ix...@franck.debian.org> and subject line Bug#701991: fixed in wagon2 2.2-3+nmu1 has caused the Debian Bug report #701991, regarding maven3: CVE-2013-0253 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 701991: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701991 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: maven3 Severity: grave Tags: security Justification: user security hole Please see http://maven.apache.org/security.html for details. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: wagon2 Source-Version: 2.2-3+nmu1 We believe that the bug you reported is fixed in the latest version of wagon2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 701...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert <mgilb...@debian.org> (supplier of updated wagon2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 22 Mar 2013 01:19:26 +0000 Source: wagon2 Binary: libwagon2-java Architecture: source all Version: 2.2-3+nmu1 Distribution: unstable Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintain...@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilb...@debian.org> Description: libwagon2-java - resources' transport abstraction that is used in Maven Closes: 701991 Changes: wagon2 (2.2-3+nmu1) unstable; urgency=high . * Non-maintainer upload by the Security Team. * Fix cve-2013-0253: doesn't check SSL certificates by default (closes: #701991). Checksums-Sha1: b3e9a285c3e6fd2adce9f9634d0553c13fd45b0e 3507 wagon2_2.2-3+nmu1.dsc 4e0af51d1f5a4c4bc6d116cb74339b219485b2ea 6667 wagon2_2.2-3+nmu1.debian.tar.gz d3b554d802f942dfd1f934a0bb24e3e1564c0db3 1058080 libwagon2-java_2.2-3+nmu1_all.deb Checksums-Sha256: 3a2ca2654f34910fc5624fd78201434e7caf05bd4a698975df8e612929577722 3507 wagon2_2.2-3+nmu1.dsc 318f8774a980436231eecae4de90e28357cc0ba204318b06ffba1745b0948c29 6667 wagon2_2.2-3+nmu1.debian.tar.gz 9956f5725279e59943518bfd911f361ba68e4e138d059009cd5d3049c8b5bb55 1058080 libwagon2-java_2.2-3+nmu1_all.deb Files: 05062662372452703564bc9d0bd86570 3507 java optional wagon2_2.2-3+nmu1.dsc 925b6fa39b947dc86255410c63413318 6667 java optional wagon2_2.2-3+nmu1.debian.tar.gz b7b74ee7dad1a9e3a54b74c47c3b6ea4 1058080 java optional libwagon2-java_2.2-3+nmu1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQQcBAEBCAAGBQJRS7PXAAoJELjWss0C1vRzm/wf/11jA/q/Mlg/Z/KxkQ9cWFsq sn6Pm/NmYEwHSkdCH9jT1/4B8XG7ewYB+Xh6YsAiI0rhUIe+kY0LeUVzu7ig7Wai pg07Fri9OnaZLfjOdU8tCFP+xf7aIxj7sP9D7yZpUnsOJJZD1q/WpuMaPwIA0F+H wThpvMCWeTtUpZZOTdLUSd3OLsXzlE/xOKMiBJWrJaggV8iqSkh2rVyeIc1hx1RK c6YNcfIVGzPu4bt19LtQRNebzPROGLEQyf11SBzWebIiONDQR44c9ayav8/oBbdk Pf/LzbqUmg5IU3UlwpSO2mmkp9Rv574la/F6EPjrXdLks+VqZrrnr4tACkLK4tw3 YhmqdNakDl4WfxGS9Xxgu6JZuwcQqIrqJ+35+c0brEWnCipMmT7mOwMpD0kPb/F9 yS4x2qqsNX/7cdrk8DjMJvK+jn7PWQdNB35P5YKjrGtSUyuiXsyUzGuyjVKYW9qy rj0kCT6W0clYKlVF5vI+Rkh30QG/x1Y3z5jUkWjRc22eECTDPivSyf3oq2WbBxIO zxOPoKb3KrTYBbsfNKe++DAHEcrbDZHr2W+o5MnKwRm8MYaVB0GTpBBP1jm7vQhS 9uS93JSrS4HVExtpnGLijzpOpu4MRup/+UuyJZtuKT9Iom2/AzUro89Z09QQA+DN G8Euw1zHGaFKOoCLEu+7f5nFuFKVOtGrKVkqyuvH7ILrdYZP3GPD4W0tXj+hz+mk 2iCey2j2bNJln+hapGVOLDOd5mxRPWmuOJp/XdFGaN7nJUIQhXN6nlYXxXQf6Y4v Ntr3lgASzhMkc4VcdjfAekpaTUfcMr9LSHcOmgfFf0fwtWbeECB6x/4SMmI/jUat +DxTwO9yK4+u3rVWJ27TUj+OlgbeVQ3srS4Ww6yUpU0fAo19pUfkqJDTYoNmEnuJ +JhMiIEEHiCNpRao+7Xjz7uBNN+6gTD6yG6HfzP9B8gRlj2714Y0BVElLMYS0qMQ d93OYLlGBZYpX5RoDK965igqy2FcR7qKPrp+Z0a+6v4m0Ef35e1kieFKmoLb9QDn ICV3/TwqGn4bVELiosTN7eoK0HIXajBlJx/TenRCzoYFZ+3S9nDQKdyHgTRRT2T7 P+KdeBhweG+dMByU67CPt3ClglgLo8Ww0Sq0CSjKZNgTa5Azcx0VX43oL45GiGDY 7dykhWVItwHtHv/K0b55zPx0q5uJohrH3Vswqb2wQGS6gNztetP8BciOteyA4WJ2 q6LXKqZaD30vgAQT9A14OdO8v357JSxXOEB+7dJhBcREv1fKzZeyaoISVyKKeeJg bZY+mtIoUhMjThjbNUusgC9wzfYsz9KbryENUwEF/LGDcMJEUVSMLFUCtXjaBu8= =h5lG -----END PGP SIGNATURE-----
--- End Message ---
