FYI: The status of the plexus-languages source package
in Debian's testing distribution has changed.
Previous version: 0.9.10-1
Current version: 0.9.10-2
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day you
FYI: The status of the eclipse-jdt-debug source package
in Debian's testing distribution has changed.
Previous version: 4.11-1
Current version: 4.12-3
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day you
Source: tika
Version: 1.20-1
Severity: grave
Tags: security upstream
Control: found -1 1.21-1
Hi,
The following vulnerability was published for tika.
CVE-2019-10094[0]:
| A carefully crafted package/compressed file that, when
| unzipped/uncompressed yields the same file (a quine), causes a
|
Processing control commands:
> found -1 1.21-1
Bug #933745 [src:tika] tika: CVE-2019-10093: Denial of Service in Apache Tika's
2003ml and 2006ml Parsers
Marked as found in versions tika/1.21-1.
--
933745: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933745
Debian Bug Tracking System
Source: tika
Version: 1.20-1
Severity: important
Tags: security upstream
Control: found -1 1.21-1
Hi,
The following vulnerability was published for tika.
CVE-2019-10093[0]:
| In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file
| could consume all available SAXParsers in the
Source: tika
Version: 1.21-1
Severity: grave
Tags: security upstream
Control: found -1 1.20-1
Hi,
The following vulnerability was published for tika.
CVE-2019-10088[0]:
| A carefully crafted or corrupt zip file can cause an OOM in Apache
| Tika's RecursiveParserWrapper in versions 1.7-1.21.
Processing control commands:
> found -1 1.20-1
Bug #933744 [src:tika] tika: CVE-2019-10088: OOM from a crafted Zip File in
Apache Tika's RecursiveParserWrapper
Marked as found in versions tika/1.20-1.
--
933744: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933744
Debian Bug Tracking
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 02 Aug 2019 13:58:21 +0200
Source: lombok-patcher
Architecture: source
Version: 0.32-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
Changed-By: Markus Koschany
Changes:
lombok-patcher_0.32-1_source.changes uploaded successfully to localhost
along with the files:
lombok-patcher_0.32-1.dsc
lombok-patcher_0.32.orig.tar.gz
lombok-patcher_0.32-1.debian.tar.xz
lombok-patcher_0.32-1_amd64.buildinfo
Greetings,
Your Debian queue daemon (running on host
Your message dated Fri, 02 Aug 2019 12:21:11 +
with message-id
and subject line Bug#911796: fixed in undertow 2.0.23-1
has caused the Debian Bug report #911796,
regarding CVE-2018-14642
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the
Your message dated Fri, 02 Aug 2019 12:21:11 +
with message-id
and subject line Bug#885338: fixed in undertow 2.0.23-1
has caused the Debian Bug report #885338,
regarding CVE-2017-12165
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the
Your message dated Fri, 02 Aug 2019 12:21:11 +
with message-id
and subject line Bug#930349: fixed in undertow 2.0.23-1
has caused the Debian Bug report #930349,
regarding undertow: CVE-2019-3888: leak credentials to log files
UndertowLogger.REQUEST_LOGGER.undertowRequestFailed
to be marked
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 02 Aug 2019 12:11:14 +0200
Source: undertow
Architecture: source
Version: 2.0.23-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
Changed-By: Markus Koschany
Closes: 885338 911796
Package: javahelper
Version: 0.72.9
Severity: serious
jh_linkjars apparently chokes on the new debhelper-compat package.
Since it is not a real package dpkg -L does not work. I presume the
workaround is to either add debhelper-compat to a blacklist or to find
a more general way to not use dpkg
undertow_2.0.23-1_source.changes uploaded successfully to localhost
along with the files:
undertow_2.0.23-1.dsc
undertow_2.0.23.orig.tar.gz
undertow_2.0.23-1.debian.tar.xz
undertow_2.0.23-1_amd64.buildinfo
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
__
Your message dated Fri, 2 Aug 2019 13:36:13 +0200
with message-id <7f7a590c-d2e3-76c0-6700-2db678a51...@debian.org>
and subject line Re: undertow: Keep it out of Buster
has caused the Debian Bug report #903916,
regarding undertow: Keep it out of Buster
to be marked as done.
This means that you
Processing commands for cont...@bugs.debian.org:
> # housekeeping to allow bug archival
> notfixed 832995 8.17.0-1
Bug #832995 {Done: Michael Biebl } [rsyslog-gnutls] TLS
connections dropped with "unexpected GnuTLS error -50 in nsd_gtls.c:530" error
There is no source info for the package
17 matches
Mail list logo