jalview is marked for autoremoval from testing

2023-05-11 Thread Debian testing autoremoval watch
jalview 2.11.2.5+dfsg-3 is marked for autoremoval from testing on 2023-06-16 It (build-)depends on packages with these RC bugs: 1035484: jmol: broken symlink: /usr/share/jmol/JSpecView.jar -> ../java/JSpecView.jar https://bugs.debian.org/1035484 This mail is generated by:

maven-debian-helper_2.6.3_source.changes ACCEPTED into unstable

2023-05-11 Thread Debian FTP Masters
Thank you for your contribution to Debian. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 12 May 2023 01:20:16 +0200 Source: maven-debian-helper Architecture: source Version: 2.6.3 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers

Processing of maven-debian-helper_2.6.3_source.changes

2023-05-11 Thread Debian FTP Masters
maven-debian-helper_2.6.3_source.changes uploaded successfully to localhost along with the files: maven-debian-helper_2.6.3.dsc maven-debian-helper_2.6.3.tar.xz maven-debian-helper_2.6.3_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) __

Bug#1034824: tomcat9 should not be released with Bookworm

2023-05-11 Thread Emmanuel Bourg
Hi Paul, Le 2023-05-11 21:44, Paul Gevers a écrit : From a quick look at the key packages: It seems you didn't follow up (86 days) on libcommons-dbcp-java which can't migrate to bookworm because it would make libbiojava-java-doc uninstallable (no fix there, no bug report filed). I have to

Bug#1034824: tomcat9 should not be released with Bookworm

2023-05-11 Thread Markus Koschany
Hello Paul, Am Donnerstag, dem 11.05.2023 um 21:44 +0200 schrieb Paul Gevers: > Hi Markus, > > On Tue, 25 Apr 2023 16:04:09 +0200 Markus Koschany wrote: > > We can only support one major Tomcat version per release. Tomcat9 has > > been part of Buster and Bullseye already and is superseded by

Bug#1034824: tomcat9 should not be released with Bookworm

2023-05-11 Thread Paul Gevers
Hi Markus, On Tue, 25 Apr 2023 16:04:09 +0200 Markus Koschany wrote: We can only support one major Tomcat version per release. Tomcat9 has been part of Buster and Bullseye already and is superseded by Tomcat 10 in Bookworm. I wanted to wait with the removal request until the issues in

Processed: tagging 1035957, tagging 1035956, tagging 1035955, tagging 1035954, tagging 1035953, tagging 1035952 ...

2023-05-11 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > tags 1035957 + upstream Bug #1035957 [src:openjdk-17] openjdk-17: CVE-2023-21930 CVE-2023-21937 CVE-2023-21938 CVE-2023-21939 CVE-2023-21954 CVE-2023-21967 CVE-2023-21968 Added tag(s) upstream. > tags 1035956 + upstream Bug #1035956

plume-reflection-util-java_0.2.2+ds-1~exp1_amd64.changes ACCEPTED into experimental

2023-05-11 Thread Debian FTP Masters
Thank you for your contribution to Debian. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 07 May 2023 20:55:22 -0400 Source: plume-reflection-util-java Binary: libplume-reflection-util-java Architecture: source all Version: 0.2.2+ds-1~exp1 Distribution:

Bug#1035952: apache-jena: CVE-2023-22665

2023-05-11 Thread Moritz Mühlenhoff
Source: apache-jena X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for apache-jena. CVE-2023-22665[0]: | There is insufficient checking of user queries in Apache Jena versions | 4.7.0 and earlier, when invoking custom